Job Description
The Senior Endpoint Security Engineer is a senior technical position responsible for engineering, implementing, managing, and continuously improving enterprise endpoint security solutions across workstation, server, and operational technology endpoint environments.
This role provides hands-on technical leadership for endpoint security technologies, including antivirus/anti-malware (AV), endpoint detection and response (EDR), extended detection and response (XDR), cyber asset attack surface management (CASM), vulnerability management, configuration management, device control, application control, data loss prevention, endpoint telemetry, and related security controls that protect company assets from malware, ransomware, unauthorized access, and emerging threats.
The individual will assess, design, test, deploy, and support new endpoint security technologies while partnering with infrastructure, desktop, server, operations, architecture, and cyber defense teams to ensure solutions are secure, scalable, supportable, and aligned with enterprise security standards and business requirements. This role also supports threat hunting and detection engineering by using endpoint telemetry, security events, and threat intelligence to identify suspicious activity, develop detection logic, and improve investigation and response outcomes.
Core Responsibilities
- Engineer, implement, administer, and continuously improve enterprise endpoint security platforms across workstations, servers, and operational technology endpoint environments.
- Manage endpoint protection, endpoint detection and response, anti-malware, device control, and related endpoint security controls to reduce cyber risk.
- Assess, test, pilot, deploy, and operationalize new endpoint security technologies in alignment with enterprise standards, architecture requirements, and business needs.
- Develop and maintain endpoint security configurations, policies, exclusions, baselines, and deployment standards to support secure and reliable operations.
- Monitor endpoint security health, coverage, compliance, and control effectiveness; identify gaps and drive remediation with responsible support teams.
- Partner with desktop, server, infrastructure, operations, and cyber defense teams to support endpoint deployments, upgrades, troubleshooting, and incident response activities.
- Integrate endpoint telemetry and security events with monitoring, SIEM, and incident response processes to improve detection, investigation, and response capabilities.
- Perform threat hunting and detection engineering activities using endpoint telemetry, SIEM data, threat intelligence, and attacker behavior patterns to identify suspicious activity, develop detections, and improve cyber defense capabilities.
- Automate endpoint security administration, reporting, deployment validation, and remediation workflows using scripting and enterprise management tools where appropriate.
- Support vulnerability, configuration, and patch-related endpoint security initiatives by validating control effectiveness and coordinating remediation activities.
- Create and maintain technical documentation, operational procedures, implementation plans, and support materials for endpoint security solutions.
- Collaborate with risk, architecture, procurement, and business stakeholders to evaluate endpoint security capabilities, document requirements, and recommend fit-for-purpose solutions.
- Stay current on endpoint threat trends, attacker techniques, platform capabilities, and security best practices to continuously improve endpoint protection strategy and operations.
Required Education/Experience
- Master's Degree and with 2 years of relevant experience IT or Information security or
- Bachelor's Degree and with 3 years of relevant experience IT or Information security or
- Associate's Degree and with 5 years of relevant experience IT or Information security or
- High School Diploma/GED and with 6 years of relevant experience IT or Information security.
Preferred Education/Experience
- Master's Degree Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology and 2 years in Information security or Network Security in a senior technical role and experience engineering, implementing, administering, or supporting endpoint security technologies such as antivirus/anti-malware (AV), endpoint detection and response (EDR), extended detection and response (XDR), cyber asset attack surface management (CASM), vulnerability management, and configuration management.
- Hands-on experience configuring endpoint security policies, deployment standards, exclusions, device control, application control, data loss prevention, endpoint telemetry, and related endpoint protection controls.
- Experience assessing, testing, piloting, deploying, and operationalizing endpoint security solutions in enterprise environments.
- Bachelor's Degree Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology and 3 years in Information security or Network Security in a senior technical role and experience managing endpoint security operations, including AV, EDR, XDR, vulnerability management, configuration management, device control, endpoint telemetry, and related security controls.
- Experience supporting endpoint security deployments, upgrades, troubleshooting, health monitoring, coverage validation, compliance reporting, and remediation activities.
- Experience integrating endpoint security telemetry with monitoring, SIEM, incident response, and operational workflows preferred.
Relevant Work Experience
- Hands-on experience engineering, implementing, and administering enterprise endpoint security platforms across workstation, server, and operational technology endpoint environments, required.
- Experience implementing and managing endpoint protection, endpoint detection and response, anti-malware, device control, and related endpoint security controls, required.
- Knowledge of endpoint security policy management, role-based administration, device grouping, policy enforcement, and secure configuration baselines, required.
- Experience integrating endpoint telemetry, alerts, and security events with SIEM, monitoring, and incident response processes, required.
- Understanding of endpoint operating systems, endpoint networking, identity integration, and enterprise device management concepts, required.
- Experience configuring endpoint security policies, exclusions, prevention controls, detection rules, deployment rings, and operational standards, required.
- Strong understanding of endpoint security architecture, attack techniques, malware prevention, ransomware defense, and secure endpoint configuration., required.
- Experience collaborating with desktop, server, infrastructure, operations, and cyber defense teams for endpoint deployments, upgrades, troubleshooting, and remediation, required.
- Experience with endpoint telemetry collection, event analysis, security monitoring, and incident investigation support, required.
- Experience performing threat hunting and detection engineering, including developing, tuning, and validating detection logic based on endpoint telemetry, SIEM events, threat intelligence, and attacker tactics, techniques, and procedures, required.
- Experience implementing endpoint security best practices and providing technical guidance to infrastructure, operations, and support teams, required.
- Familiarity with endpoint inventory, software control, removable media control, certificate usage, and endpoint compliance reporting, required.
- Demonstrated experience leading technical workstreams, endpoint security initiatives, or project groups, preferred.
- Experience securing Windows, Linux, macOS, server, or operational technology endpoint environments preferred.
- Experience evaluating, piloting, and deploying new endpoint security capabilities to address evolving threats and business requirements, preferred.
- Experience integrating endpoint security automation into operational workflows using enterprise management, scripting, or configuration management tools, preferred.
Skills and Abilities
- Demonstrated analytical skills
- Strong verbal communication and listening skills
- Develops and delivers effective presentations
Licenses and Certifications
- Driver's License Required
- Other: GSEC, GCIH, CEH, or equivalent cybersecurity certification. Preferred
- Other: Microsoft SC-200, Microsoft SC-300, Microsoft 365 Certified: Endpoint Administrator Associate, CrowdStrike Certified Falcon Administrator, Tanium Certified Operator, GIAC Certified Enterprise Defender(GCED), or equivalent endpoint security certification. Preferred
Physical Demands
- Ability to push, pull, and lift up to 25 pounds
- Sit or stand to answer a phone for the duration of the workday
Additional Physical Demands
- The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays.
- The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays.
Mission Statement:
Consolidated Edison Company of New York, Inc. (Con Edison), Orange & Rockland Utilities (O&R), and Consolidated Edison Transmission (CET) employees are required to follow health, safety, and environmental policies, EEO, Standards of Business Conduct, and all other applicable company policy and procedures. We all share a responsibility to advance the company’s mission by excelling at our three corporate priorities – safety of our people and the public, operational excellence in all that we do, and ensuring the best possible customer experience.
Benefits:
We are dedicated to supporting the physical, mental, and financial health of our employees and their families. This commitment extends beyond the workplace to foster personal growth and holistic wellbeing. Our life-changing rewards package includes:
- Rich medical & pharmacy benefits, including vision benefits
- Dental benefits
- Health Savings Accounts
- Health Care and Dependent Care Flexible Spending Accounts
- 401(k) with robust matching
- Employer paid Pension Plan
- Employee Stock Purchase Plan with a generous matching contribution
- State of the art Employee Assistance Program
- Paid Parental Leave
- Generous paid time off plus paid holidays
- Family support: emergency backup child, & elder care assistance
- Social responsibility and volunteer opportunities
- Employee discount program
- Commuter Benefits
- Culture of growth and learning: career development; tuition reimbursement; recognition program
- Life and Long-Term Disability Benefits
*Please be aware that some benefits may not apply to provisional or part-time job titles.