Sangoma Technologies

Sangoma Technologies specializes in providing comprehensive business communication solutions, including scalable Voice Over IP telephony systems, Unified Communications as a Service (UCaaS), and various hardware and software components that enhance IP ...

Diversified Telecommunication Services
251-1K
Founded 1984
$28M raised

Description

  • Serve as an escalation point for SOC/EDR/XDR alerts and suspected security incidents.
  • Automate and optimize Incident Response procedures using PowerShell, Python, and scripted API calls.
  • Author and maintain custom detection rules in EDR platforms (e.g., CrowdStrike, SentinelOne, Microsoft Defender) and test/deploy EDR agent updates.
  • Evaluate, implement, and maintain endpoint and endpoint-adjacent security solutions and configurations.
  • Document Incident Response procedures, maintain solution documentation, and cross-train technical personnel on those procedures.
  • Participate in penetration testing and tabletop Incident Response exercises, and document lessons learned to drive improvements.
  • Produce and improve security dashboards and reports for visibility and incident analysis.
  • Collaborate with IT, Infrastructure, and Cloud teams to implement secure endpoint configurations, support vulnerability remediation, and lead endpoint hardening initiatives.
  • Identify gaps in endpoint security coverage, recommend remediation/enhancements, and coordinate with SOC/IT to resolve high-priority incidents.
  • Participate in an on-call rotation (one week per month) and be reachable 24/7 during assigned on-call periods to investigate and coordinate incident response.

Requirements

  • 4–6 years of experience in a security, SOC, or Incident Response role.
  • Solid experience with one or more EDR solutions such as SentinelOne, CrowdStrike, or Microsoft Defender.
  • In-depth understanding of threat behaviors mapped to the MITRE ATT&CK Framework.
  • Intermediate understanding of Windows, macOS, and Linux file structures and process architecture.
  • Experience with ITIL-oriented Change Management, Incident Management, and Problem Management in an enterprise environment.
  • Experience with automation and API integration using Python and/or PowerShell.
  • One or more industry-standard security certifications (examples: Security+, CySA+, Microsoft SC-200, CEH, GIAC).
  • Ability to participate in an on-call rotation and be reachable 24/7 during assigned on-call periods (one week per month).
  • Preferred: experience with SIEM/SOAR solutions for event correlation and automated response.
  • Preferred: experience performing forensic investigations and malware analysis, and ability to perform and document penetration testing exercises.
  • Preferred: knowledge of cloud and hybrid environments such as Microsoft 365, Azure, AWS, Intune.
  • Remote role with preference for candidates located in Central or Eastern U.S. time zones; must be authorized to work in the United States for any employer.

Benefits

  • Extensive benefits including Health, Vision, Dental, and Short & Long Term Disability (effective after a short waiting period).
  • Matching 401(k) program with 100% match on employee contributions up to 4%.
  • Employee Stock Purchase Plan after one year of service.
  • Flexible Time Off and company holidays.
  • Remote work opportunity with preference for Central/Eastern U.S. time zones.
  • Salary range $100,000 to $110,000 per year, commensurate with experience, qualifications, and location.
  • Entrepreneurial work environment with high-growth career opportunities and transparent compensation practices.
