Sangoma Technologies

Sangoma Technologies specializes in providing comprehensive business communication solutions, including scalable Voice Over IP telephony systems, Unified Communications as a Service (UCaaS), and various hardware and software components that enhance IP ...

Diversified Telecommunication Services
251-1K
Founded 1984
$28M raised

Description

  • Serve as an escalation point for SOC/EDR/XDR alerts and suspected security incidents.
  • Automate and optimize Incident Response procedures using PowerShell, Python, and scripted API calls.
  • Author and maintain custom detection rules in EDR platforms (e.g., CrowdStrike, SentinelOne, Microsoft Defender) and test/deploy EDR agent updates.
  • Evaluate, implement, and maintain endpoint and endpoint-adjacent security solutions and configurations.
  • Document Incident Response procedures, maintain solution documentation, and cross-train technical personnel on those procedures.
  • Participate in penetration testing and tabletop Incident Response exercises, and document lessons learned to drive improvements.
  • Produce and improve security dashboards and reports for visibility and incident analysis.
  • Collaborate with IT, Infrastructure, and Cloud teams to implement secure endpoint configurations, support vulnerability remediation, and lead endpoint hardening initiatives.
  • Identify gaps in endpoint security coverage, recommend remediation/enhancements, and coordinate with SOC/IT to resolve high-priority incidents.
  • Participate in an on-call rotation (one week per month) and be reachable 24/7 during assigned on-call periods to investigate and coordinate incident response.

Requirements

  • 4–6 years of experience in a security, SOC, or Incident Response role.
  • Solid experience with one or more EDR solutions such as SentinelOne, CrowdStrike, or Microsoft Defender.
  • In-depth understanding of threat behaviors mapped to the MITRE ATT&CK Framework.
  • Intermediate understanding of Windows, macOS, and Linux file structures and process architecture.
  • Experience with ITIL-oriented Change Management, Incident Management, and Problem Management in an enterprise environment.
  • Experience with automation and API integration using Python and/or PowerShell.
  • One or more industry-standard security certifications (examples: Security+, CySA+, Microsoft SC-200, CEH, GIAC).
  • Ability to participate in an on-call rotation and be reachable 24/7 during assigned on-call periods (one week per month).
  • Preferred: experience with SIEM/SOAR solutions for event correlation and automated response.
  • Preferred: experience performing forensic investigations and malware analysis, and ability to perform and document penetration testing exercises.
  • Preferred: knowledge of cloud and hybrid environments such as Microsoft 365, Azure, AWS, Intune.
  • Remote role with preference for candidates located in Central or Eastern U.S. time zones; must be authorized to work in the United States for any employer.

Benefits

  • Extensive benefits including Health, Vision, Dental, and Short & Long Term Disability (effective after a short waiting period).
  • Matching 401(k) program with 100% match on employee contributions up to 4%.
  • Employee Stock Purchase Plan after one year of service.
  • Flexible Time Off and company holidays.
  • Remote work opportunity with preference for Central/Eastern U.S. time zones.
  • Salary range $100,000 to $110,000 per year, commensurate with experience, qualifications, and location.
  • Entrepreneurial work environment with high-growth career opportunities and transparent compensation practices.
