EY

Cyber SDC- Endpoint Security Lead Engineer - Senior - Consulting - Location Open

EY, Chicago, Illinois, United States, 60290


Overview

Location: Anywhere in Country.

EY is seeking a dedicated Endpoint Security Operations Engineer to join our cybersecurity team. The role focuses on the management, monitoring, and optimization of endpoint security solutions, including CrowdStrike, Microsoft Defender for Endpoint, Microsoft Defender for Mobile, and CyberArk Endpoint Privilege Manager (EPM). A strong understanding of endpoint security principles, threat detection, and incident response is required, with the ability to collaborate across teams to enhance security posture.

Responsibilities

Endpoint Security Management: Administer and support endpoint security solutions (CrowdStrike, Defender for Endpoint, Defender for Mobile, CyberArk EPM). Monitor alerts and incidents and respond promptly to threats and vulnerabilities.

Threat Detection and Response: Analyze security events to identify threats, respond to incidents, and conduct forensic investigations to determine root causes and implement corrective actions.

Policy Configuration and Enforcement: Develop, implement, and enforce endpoint security policies and procedures; configure and optimize security settings to enhance protection.

User Support: Provide technical support to end-users regarding endpoint security tools and best practices.

Collaboration and Communication: Work with IT and security teams to integrate endpoint security solutions with existing security frameworks and incident response processes; report on incidents, trends, and improvement recommendations.

Documentation and Reporting: Maintain documentation of endpoint security configurations, processes, and incident response actions; generate reports on metrics, incidents, and compliance for management review.

Continuous Improvement: Stay updated on trends, threats, and technologies in endpoint security; identify opportunities for process improvements and automation; automate activities using scripting (PowerShell, Python) and automation platforms (Tines, PowerAutomate, etc.).

Qualifications

Bachelor’s degree in computer science, IT, cybersecurity, or related field.

Proven experience managing and supporting endpoint security solutions (CrowdStrike, Defender for Endpoint, Defender for Mobile, CyberArk EPM).

Strong understanding of endpoint security principles, threat detection, and incident response methodologies.

Proficiency in security monitoring tools and SIEM solutions.

Excellent problem-solving skills and attention to detail; strong communication and interpersonal skills.

Scripting experience (PowerShell, Python, etc.).

Ticket and change management experience in ServiceNow.

Relevant cybersecurity certifications (e.g., CompTIA Security+, CISSP, CEH) are a plus.

Preferred Skills

Experience with scripting languages for automation and reporting (PowerShell, Python).

Familiarity with compliance frameworks (NIST, ISO 27001) and risk management practices.

Knowledge of network security concepts and technologies.

What We Offer

Comprehensive compensation and benefits package, including medical and dental coverage, pension and 401(k), and paid time off. Base salary ranges vary by location; total rewards reflect performance and experience.

Hybrid work model with an expectation of in-person collaboration 40-60% of the time on engagements, projects, or years.

Flexible vacation policy and time off for holidays, personal/family care, and other leaves to support well-being.

Are you ready to shape your future with confidence? Apply today. EY accepts applications on an ongoing basis. For California residents, additional information is available.
