EY
Cyber SDC- Endpoint Security Lead Engineer - Senior - Consulting - Location Open
EY, San Antonio, Texas, United States, 78208
Cyber SDC- Endpoint Security Lead Engineer - Senior - Consulting - Location Open
Location: Anywhere in Country
At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help build a better working world.
We are looking for a dedicated and skilled Endpoint Security Operations Engineer to join our cybersecurity team. The ideal candidate will be responsible for the management, monitoring, and optimization of endpoint security solutions, including CrowdStrike, Microsoft Defender for Endpoint, Microsoft Defender for Mobile, and CyberArk Endpoint Privilege Manager (EPM). This role requires a strong understanding of endpoint security principles, threat detection, and incident response, and the ability to collaborate across teams.
Key Responsibilities
Endpoint Security Management:
Administer and support endpoint security solutions, including CrowdStrike, Microsoft Defender for Endpoint, Microsoft Defender for Mobile, and CyberArk EPM.
Monitor endpoint security alerts and incidents, responding promptly to potential threats and vulnerabilities.
Threat Detection and Response:
Analyze security events and alerts to identify potential threats and respond in a timely manner.
Conduct forensic investigations on security incidents to determine root cause and implement corrective actions.
Policy Configuration and Enforcement:
Develop, implement, and enforce endpoint security policies and procedures.
Configure and optimize security settings within endpoint security tools.
User Support: Provide technical support to end‑users regarding endpoint security tools.
Collaboration and Communication: Work closely with IT and security teams and report on incidents and recommendations.
Documentation and Reporting: Maintain accurate documentation and generate reports on metrics and compliance.
Continuous Improvement: Stay updated on trends, identify improvement opportunities, automate activities (PowerShell, Python, Tines, PowerAutomate).
Qualifications
Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field.
Proven experience with CrowdStrike, Microsoft Defender for Endpoint, Microsoft Defender for Mobile, and CyberArk EPM.
Strong understanding of endpoint security, threat detection, and incident response methodologies.
Proficiency in security monitoring tools and SIEM solutions.
Excellent problem‑solving skills and attention to detail.
Strong communication and interpersonal skills.
Scripting experience (PowerShell, Python, etc.).
Ticket and change management experience in ServiceNow.
Relevant cybersecurity certifications (e.g., CompTIA Security+, CISSP, CEH) are a plus.
Preferred Skills
Experience with scripting languages for automation and reporting.
Familiarity with compliance frameworks (NIST, ISO 27001) and risk management practices.
Knowledge of network security concepts and technologies.
What We Offer You
Competitive compensation and benefits: base salary ranges; additional benefits include medical, dental, pension, 401(k), and paid time off.
Hybrid work model, flexible vacation policy, paid holidays.
Future‑focused skill development and a diverse, inclusive culture.
EEO Statement EY is an equal opportunity employer. We provide equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis. EY is committed to providing reasonable accommodation to qualified individuals with disabilities. If you require accommodation during the application process, please contact EY Talent Shared Services Team at
ssc.customersupport@ey.com .
#J-18808-Ljbffr
At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help build a better working world.
We are looking for a dedicated and skilled Endpoint Security Operations Engineer to join our cybersecurity team. The ideal candidate will be responsible for the management, monitoring, and optimization of endpoint security solutions, including CrowdStrike, Microsoft Defender for Endpoint, Microsoft Defender for Mobile, and CyberArk Endpoint Privilege Manager (EPM). This role requires a strong understanding of endpoint security principles, threat detection, and incident response, and the ability to collaborate across teams.
Key Responsibilities
Endpoint Security Management:
Administer and support endpoint security solutions, including CrowdStrike, Microsoft Defender for Endpoint, Microsoft Defender for Mobile, and CyberArk EPM.
Monitor endpoint security alerts and incidents, responding promptly to potential threats and vulnerabilities.
Threat Detection and Response:
Analyze security events and alerts to identify potential threats and respond in a timely manner.
Conduct forensic investigations on security incidents to determine root cause and implement corrective actions.
Policy Configuration and Enforcement:
Develop, implement, and enforce endpoint security policies and procedures.
Configure and optimize security settings within endpoint security tools.
User Support: Provide technical support to end‑users regarding endpoint security tools.
Collaboration and Communication: Work closely with IT and security teams and report on incidents and recommendations.
Documentation and Reporting: Maintain accurate documentation and generate reports on metrics and compliance.
Continuous Improvement: Stay updated on trends, identify improvement opportunities, automate activities (PowerShell, Python, Tines, PowerAutomate).
Qualifications
Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field.
Proven experience with CrowdStrike, Microsoft Defender for Endpoint, Microsoft Defender for Mobile, and CyberArk EPM.
Strong understanding of endpoint security, threat detection, and incident response methodologies.
Proficiency in security monitoring tools and SIEM solutions.
Excellent problem‑solving skills and attention to detail.
Strong communication and interpersonal skills.
Scripting experience (PowerShell, Python, etc.).
Ticket and change management experience in ServiceNow.
Relevant cybersecurity certifications (e.g., CompTIA Security+, CISSP, CEH) are a plus.
Preferred Skills
Experience with scripting languages for automation and reporting.
Familiarity with compliance frameworks (NIST, ISO 27001) and risk management practices.
Knowledge of network security concepts and technologies.
What We Offer You
Competitive compensation and benefits: base salary ranges; additional benefits include medical, dental, pension, 401(k), and paid time off.
Hybrid work model, flexible vacation policy, paid holidays.
Future‑focused skill development and a diverse, inclusive culture.
EEO Statement EY is an equal opportunity employer. We provide equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis. EY is committed to providing reasonable accommodation to qualified individuals with disabilities. If you require accommodation during the application process, please contact EY Talent Shared Services Team at
ssc.customersupport@ey.com .
#J-18808-Ljbffr