100% Remote – Senior Endpoint Security Engineer

  • Location: Lemont, Illinois
  • Remote: Remote
  • Type: Contract
  • Job #34819

Myticas direct client is seeking Senior Endpoint Security Engineer for 12 Months Contract, 100% Remote.opportunity.

Location: 100% REMOTE 
Duration: 12 Months+ Contract (Further possible extension)

*W2 Contract Only

TOP Skills/Experience:
The ideal candidate will bring endpoint engineering expertise, strong cyber security skills, and modern, secure coding practices with 3–5 years of experience in complex large enterprise environments.

  1. Hands-on expertise with SCCM, Jamf Pro, and/or Microsoft Intune for Windows and macOS endpoints.
  2. Experience packaging and deploying applications, security updates, and scripts across enterprise platforms.
  3. Familiarity with Group Policy and Intune for configuration management.
  4. Proficiency in automation scripting (PowerShell, Bash, Python) with emphasis on modular, reusable, and secure code.
  5. Experience with version control systems (Git) and collaborative development workflows (branching, pull requests, peer review).
  6. Knowledge of CVE program, NIST Vulnerability Database, CISA Known Exploited Vulnerability Database, and overall vulnerability management processes.
  7. Experience implementing NIST 800-53 Rev 5, CIS Benchmarks, DISA STIGs, Microsoft Security Baselines, and macOS Security Compliance Project.

 

Job Description:
Our direct client is Endpoint Security Engineer who will be embedded within the endpoint engineering team (3 Windows engineers, 2 macOS engineers) to enhance security operations and strengthen the security posture of client workstations. You will work closely with endpoint engineering and cybersecurity teams to identify vulnerabilities, automate remediation, and strengthen endpoint security baselines in a large enterprise environment.
Will assist in improving our endpoint cyber hygiene and vulnerability management program in collaboration with the CSPO.

Typical responsibilities include:

  • Vulnerability Management & Analysis:
    • Identify, analyze, and prioritize endpoint vulnerabilities using tools such as Tenable, Axonius, Jamf Pro, SCCM, Intune, Active Directory, and Entra.
    • Assess environmental and operational factors that may impact remediation feasibility and timelines.
    • Provide risk-based recommendations to improve the vulnerability management program.
  • Endpoint Remediation, Automation & Documentation:
    • Develop, test, and deploy remediation scripts and configurations for Windows and macOS endpoints using tools such as Jamf, ConfigMgr/SCCM, Intune, and Group Policy.
    • Write clear, maintainable scripts and automation (e.g., modular logic, meaningful naming, basic error handling and logging) that can be reused by the team.
    • Document scripts and configurations with purpose, parameters, usage instructions, and any security considerations to support troubleshooting and cross-team adoption.
    • Maintain an organized library of remediation artifacts; if applicable, help establish and use a version-controlled repository (e.g., Git) to track changes and support basic peer review.
  • Baseline Configuration & Compliance:
    • Contribute to secure baseline configurations aligned with Argonne CSPP, NIST 800-53 Rev 5, CIS Benchmarks, Microsoft Security Baselines, DISA STIGs, and/or macOS Security Compliance Project.
    • Assist in development, testing, implementation, documentation of baseline configurations.
    • Monitor baseline implementation for coverage, effectiveness, unapproved deviations, and required changes.
  • Collaboration & Reporting:
    • Participate in regular team meetings to provide status updates, propose improvements, and discuss implementation strategies.
    • Monitor endpoint compliance and provide reports on remediation effectiveness and baseline configurations to leadership and stakeholders.

Required Knowledge, Skills, and Abilities:

  • The ideal candidate will bring endpoint engineering expertise, strong cyber security skills, and modern, secure coding practices with 3–5 years of experience in complex large enterprise environments.
  • Endpoint Management:
    • Hands-on expertise with SCCM, Jamf Pro, and/or Microsoft Intune for Windows and macOS endpoints.
    • Experience packaging and deploying applications, security updates, and scripts across enterprise platforms.
    • Familiarity with Group Policy and Intune for configuration management.
  • Secure Coding & SDLC Practices:
    • Proficiency in automation scripting (PowerShell, Bash, Python) with emphasis on modular, reusable, and secure code.
    • Strong grasp of SDLC principles: requirements gathering, design, implementation, testing, deployment, and maintenance.
    • Experience with version control systems (Git) and collaborative development workflows (branching, pull requests, peer review).
    • Ability to document code and remediations clearly for cross-team adoption and knowledge transfer.
  • Security Frameworks & Compliance:
    • Knowledge of CVE program, NIST Vulnerability Database, CISA Known Exploited Vulnerability Database, and overall vulnerability management processes.
    • Experience implementing NIST 800-53 Rev 5, CIS Benchmarks, DISA STIGs, Microsoft Security Baselines, and macOS Security Compliance Project.
    • Ability to translate technical fixes into measurable improvements in endpoint security posture.
    • Experience using Tenable.SC or Tenable.VM as part of vulnerability management.
  • Soft Skills:
    • Strong problem-solving skills with a focus on reducing organizational risk.
    • Effective communication skills to convey technical concepts to both technical and non-technical stakeholders.
    • Collaborative mindset for working within a mixed Windows/macOS engineering team.
Attach a Resume file. Accepted file types are DOC, DOCX, PDF, HTML, and TXT.

We are uploading your application. It may take a few moments to read your resume. Please wait!