Plurilock

Compensation

Full Description

Job Description: • Lead enterprise-wide deployment, configuration, and lifecycle operations for Carbon Black and Symantec endpoint platforms. • Architect scalable endpoint security solutions aligned to organizational standards and zero-trust principles. • Develop and refine advanced policies, application controls, EDR rules, tamper protection settings, and prevention controls. • Oversee tuning activities to balance protection, performance, and operational efficiency. • Serve as Tier 3 engineering escalation for endpoint security issues and agent health failures. • Lead deep-dive incident investigations using Carbon Black and Symantec telemetry, process analysis, and behavioral tracking. • Build integrations with SIEM, SOAR, vulnerability management, and IT ops tools. • Drive automation of endpoint management tasks through PowerShell, Python, or Bash. • Create enterprise standards, architecture documentation, runbooks, and engineering playbooks. • Mentor mid-level and junior engineers; contribute to team capability development. • Evaluate new capabilities, conduct PoCs, and recommend improvements to endpoint strategy. • Support compliance requirements including ISO 27001, NIST CSF, CIS Controls, and sector-specific mandates. Requirements: • 6–10 years of experience in information security or endpoint engineering roles. • Expert-level experience with VMware Carbon Black (App Control, EDR, Cloud) including advanced policy design, incident response, and console administration. • Expert-level experience with Symantec endpoint security platforms (SEP, SES, Symantec EDR, content policy tuning). • Strong understanding of endpoint forensics, malware analysis fundamentals, and attacker tradecraft. • Proficiency with Windows, macOS, and/or Linux endpoint internals and event logging. • Demonstrated experience integrating endpoint data with SIEM/SOAR platforms. • Ability to lead complex troubleshooting involving OS, network, and security layers. • Strong documentation, communication, and technical leadership abilities. • Experience designing enterprise security architectures or zero-trust endpoint models (preferred). • Significant experience in environments with 5,000+ endpoints (preferred). • Development or automation experience with PowerShell, Python, Bash, or REST APIs (preferred). • Experience with threat modeling, purple teaming, or incident response leadership (preferred). • Certifications such as CBCA, CBCM, Symantec/Broadcom certifications, GSEC, GCED, GCIA, GCFA, or similar (preferred). Benefits: • No Agencies Please