Are you ready to shape a better tomorrow?

1. Strategy, Architecture & Governance

• Own and drive the global endpoint security product strategy and roadmap, covering EDR/AV, exploit mitigation, device control, host firewall, and application control.
• Align endpoint security capabilities with enterprise security architecture, regulatory requirements, and business priorities
• Define and enforce governance models for policy management, exception handling, and risk acceptance, including approval workflows and periodic reviews.
• Evaluate emerging threats, platform changes, and new security capabilities, recommending strategic enhancements with clear risk vs. value trade-offs

2. Engineering & Security Architecture

• Lead the engineering design and implementation of endpoint security controls across:
  • Microsoft Intune
  • Group Policy Objects (GPO)
  • Configuration management platforms
• Define and maintain standardized security baselines and hardening guidelines, including reusable configurations and gold images aligned to CIS benchmarks.
• Establish controls for exception management, configuration drift monitoring, and compliance enforcement
• Expand and strengthen endpoint runtime protection and agent guardrails to enhance resilience.

3. Endpoint Protection & Platform Management

• Manage and optimize endpoint security technologies, including:
  • Antivirus / EDR / HIPS
  • Device control and application control
  • Host-based firewall and exploit protection
• Ensure effective security coverage across:
  • User endpoints
  • Servers
  • Cloud workloads
• Drive agent lifecycle management, including packaging, deployment, upgrades, health monitoring, and decommissioning.
• Achieve and maintain ≥90% deployment and compliance posture across all regions and business units.

4. Security Operations & ITIL Service Ownership

• Own and operate endpoint security as a critical ITIL-aligned service, including:
  • Incident triage and escalation
  • Problem management and root cause analysis
  • Major incident participation
  • Change governance and release management
• Drive continuous service improvement (CSI) initiatives to enhance service reliability, performance, and user experience.
• Troubleshoot and resolve complex endpoint security issues, ensuring effective stakeholder communication.

5. Threat Detection, Response & SOC Integration

• Collaborate closely with SOC and Incident Response teams to:
  • Enhance detection use cases and analytics
  • Improve response playbooks and automation
  • Optimize containment actions (e.g., host isolation, process termination, file quarantine)
• Drive improvements in Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) for endpoint-related incidents.

6. Data, SIEM & Analytics Integration

• Lead integration of endpoint telemetry into SIEM and analytics platforms, ensuring:
  • Reliable log collection pipelines
  • Data normalization and enrichment
  • Scalable reporting and threat analytics
• Enable data-driven visibility and reporting for leadership and operational teams.

7. Integration with Enterprise Security Ecosystem

• Drive integration of endpoint platforms with adjacent security controls, including:
  • Email and threat gateways (e.g., Proofpoint, Exchange Online Protection)
  • Secure web gateways and ZTNA solutions (e.g., Zscaler)
• Improve end-to-end threat prevention, detection, and response capabilities across multiple security layers.

8. Vulnerability & Exposure Management

• Partner with patching and vulnerability teams to:
  • Drive remediation prioritization
  • Reduce attack surface through secure configurations
• Align endpoint security posture with industry frameworks, such as:
  • CIS Benchmarks
  • MITRE ATT&CK framework

9. Performance Management, Reporting & Governance

• Define and track service KPIs, SLAs, and compliance metrics
• Develop dashboards and operational reports for leadership and regional stakeholders.
• Conduct regular service reviews to drive improvements in:
  • Adoption
  • Stability
  • Coverage
  • User experience

10. Vendor & Stakeholder Management

• Manage endpoint security vendors and managed service providers, including:
  • Contract governance and performance management
  • Roadmap influence and feature enhancements
  • Cost optimization
• Engage with regional/in-country stakeholders to ensure alignment and compliance targets are met.

11. Leadership & Capability Development

• Provide technical leadership, mentorship, and coaching to engineers and analysts.
• Develop and maintain:
  • Standard operating procedures (SOPs)
  • Runbooks and playbooks
  • Knowledge base articles
• Build scalable capabilities to support consistent global service delivery

12. Continuous Improvement & Innovation

• Monitor industry trends, emerging threats, and technology advancements across Windows, Linux, macOS, and cloud platforms.
• Identify and implement feature enhancements and operational improvements
• Drive innovation to continuously strengthen endpoint security maturity and resilience