EY
Cyber SDC- Endpoint Security Lead Engineer - Senior - Consulting - Location Open
EY, Richmond, Virginia, United States, 23214
Overview
Endpoint Security Operations Engineer to join EY's cybersecurity team. The role focuses on the management, monitoring, and optimization of endpoint security solutions, including CrowdStrike, Microsoft Defender for Endpoint, Microsoft Defender for Mobile, and CyberArk Endpoint Privilege Manager (EPM). A strong understanding of endpoint security principles, threat detection, and incident response is required, with the ability to collaborate with cross-functional teams to enhance our security posture.
Key Responsibilities
Endpoint Security Management: Administer and support endpoint security solutions (CrowdStrike, Microsoft Defender for Endpoint, Microsoft Defender for Mobile, CyberArk EPM); monitor alerts and incidents and respond promptly to threats and vulnerabilities.
Threat Detection and Response: Analyze security events and alerts to identify threats; respond to incidents in a timely manner; conduct forensic investigations to determine root causes and implement corrective actions.
Policy Configuration and Enforcement: Develop, implement, and enforce endpoint security policies and procedures; configure and optimize security settings within endpoint tools to enhance protection.
User Support: Provide technical support to end-users regarding endpoint security tools and best practices.
Collaboration and Communication: Work with IT and security teams to integrate endpoint security with existing security frameworks and incident response processes; communicate security trends and recommendations to stakeholders.
Documentation and Reporting: Maintain documentation of configurations, processes, and incident response actions; generate reports on endpoint security metrics, incidents, and compliance for management review.
Continuous Improvement: Stay updated on endpoint security trends, threats, and technologies; identify opportunities for process improvements and automation; automate activities using scripting (PowerShell, Python) and automation tools (Tines, PowerAutomate, etc.).
Qualifications
Bachelor’s degree in computer science, information technology, cybersecurity, or related field.
Proven experience managing and supporting endpoint security solutions (CrowdStrike, Defender for Endpoint, Defender for Mobile, CyberArk EPM).
Strong understanding of endpoint security principles, threat detection, and incident response methodologies.
Proficiency with security monitoring tools and SIEM solutions; excellent problem-solving and attention to detail.
Strong communication and interpersonal skills.
Scripting experience (PowerShell, Python); experience with ticket and change management in ServiceNow.
Relevant cybersecurity certifications (e.g., CompTIA Security+, CISSP, CEH) are a plus.
Preferred Skills
Experience scripting for automation and reporting (PowerShell, Python).
Familiarity with compliance frameworks (NIST, ISO 27001) and risk management.
Knowledge of network security concepts and technologies.
What We Offer You
Competitive compensation and benefits; salary ranges vary by location. EY offers medical and dental coverage, pension and 401(k) plans, and comprehensive paid time off.
Flexible hybrid work model with in-person collaboration when serving clients (approximately 40-60% in person, depending on engagement).
Flexible vacation policy and paid holidays, with accommodations for personal, family, and well-being needs as required.
Are you ready to shape your future with confidence? Apply today. EY accepts applications on an ongoing basis. For California residents, please review additional information linked in the job posting. EY is committed to equal employment opportunities and to providing accommodations to qualified individuals with disabilities during the application process.
EY | Building a better working world. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence across assurance, consulting, tax, strategy and transactions.
Details
Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology
Industries: Professional Services