EY
Cyber SDC- Endpoint Security Lead Engineer - Senior - Consulting - Location Open
EY, Birmingham, Alabama, United States, 35275
Overview
Cyber SDC- Endpoint Security Lead Engineer - Senior - Consulting - Location Open at EY. The role focuses on the management, monitoring, and optimization of endpoint security solutions, including CrowdStrike, Microsoft Defender for Endpoint, Microsoft Defender for Mobile, and CyberArk Endpoint Privilege Manager (EPM). The candidate should have a strong understanding of endpoint security principles, threat detection, and incident response, and be able to collaborate with cross-functional teams to enhance security posture.
Key Responsibilities
Endpoint Security Management: Administer and support endpoint security solutions (CrowdStrike, Defender for Endpoint, Defender for Mobile, CyberArk EPM); monitor alerts and incidents and respond to potential threats and vulnerabilities.
Threat Detection and Response: Analyze security events to identify threats, respond to incidents in a timely manner, and conduct forensic investigations to determine root causes and implement corrective actions.
Policy Configuration and Enforcement: Develop, implement, and enforce endpoint security policies; configure and optimize security settings to enhance protection.
User Support: Provide technical support to end-users regarding endpoint security tools and best practices.
Collaboration and Communication: Work with IT and security teams to integrate endpoint security with existing frameworks and incident response processes; report on incidents, trends, and improvement recommendations.
Documentation and Reporting: Maintain documentation of configurations, processes, and response actions; generate reports on metrics, incidents, and compliance for management.
Continuous Improvement: Stay updated on trends and technologies in endpoint security; identify opportunities for process improvements and automation; automate activities using scripting (PowerShell, Python) and automation tools (Tines, PowerAutomate).
Qualifications
Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field.
Proven experience managing and supporting endpoint security solutions (CrowdStrike, Defender for Endpoint, Defender for Mobile, CyberArk EPM).
Strong understanding of endpoint security principles, threat detection, and incident response methodologies.
Proficiency in security monitoring tools and SIEM solutions.
Excellent problem-solving skills, attention to detail, and strong communication.
Scripting experience (PowerShell, Python, etc.).
Ticket and change management experience in ServiceNow.
Relevant cybersecurity certifications (e.g., CompTIA Security+, CISSP, CEH) are a plus.
Preferred Skills
Experience with scripting languages (PowerShell, Python) for automation and reporting.
Familiarity with compliance frameworks (NIST, ISO 27001) and risk management.
Knowledge of network security concepts and technologies.
What We Offer
EY provides a comprehensive compensation and benefits package with salary ranges depending on geography, including medical and dental coverage, pension and 401(k) plans, and paid time off. EY supports a hybrid work model and flexible vacation policy, with time off for holidays and personal needs. Join EY to develop future-focused skills in a diverse and inclusive environment. EY is committed to equal employment opportunities and provides accommodations for qualified individuals with disabilities.
Additional Information
Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology
Industries: Professional Services