Architect - IT Security (Endpoint Security Architect)
Description
Requirements:
- Manage and optimize endpoint protection platforms (EDR/XDR, AV, DLP, disk encryption, host firewalls) for a range of environments, including development workstations, virtual desktops (Citrix, AWS Workspaces), and cloud-managed devices (Autopilot, Intune). Optimize controls for development systems running EPM, Containers and other DevOps specific tooling.
- Design, implement, and manage Privileged Access Workstation (PAW) environments to enforce secure administrative access, including hardening baselines, OS configuration, network segmentation, and application whitelisting aligned with Zero Trust principles.
- Implement data security controls on endpoints, including classification, encryption, and DLP policies, to protect sensitive and regulated data (PII, PHI, IP).
- Support CASB and SaaS tooling (Microsoft Defender for Cloud Apps, Zscaler, Obsidian) to enforce data protection and access control across cloud apps.
- Write and maintain automation scripts in PowerShell and Python to deploy configurations, monitor system posture, and generate compliance reports.
- Integrate endpoint data with SIEM and SOAR platforms and support playbooks for automated alert triage, response, and remediation. Participate in purple teaming increase detection and prevention efficacy.
- Contribute to compliance efforts (CIS, NIST 800-53, NIST CSF) by ensuring endpoint configurations meet required standards and control objectives.
- Monitor endpoint health, vulnerability status, and patch compliance; coordinate engineering teams for rapid resolution.
Other skills:
- Maintain up-to-date documentation of configurations, procedures, and automated workflows.
- Ability to work collaboratively across security, IT, DevOps, and data teams in an AGILE first environment
- Excellent communication and documentation skills to explain complex security topics to technical and non-technical stakeholders