
Senior Endpoint Security Engineer – Carbon Black, Symantec
Posted 1 hour ago

Posted 1 hour ago
This is a fully remote position, open to applicants in New Jersey.
• Oversee the enterprise-wide implementation, configuration, and lifecycle management for Carbon Black and Symantec endpoint platforms.
• Design scalable endpoint security solutions that adhere to organizational standards and zero-trust principles.
• Create and enhance advanced policies, application controls, EDR rules, tamper protection settings, and preventative measures.
• Manage tuning activities to achieve a balance between protection, performance, and operational efficiency.
• Act as Tier 3 engineering support for endpoint security challenges and agent health issues.
• Conduct in-depth incident investigations using Carbon Black and Symantec telemetry, process analysis, and behavioral tracking.
• Develop integrations with SIEM, SOAR, vulnerability management, and IT operations tools.
• Promote automation of endpoint management tasks utilizing PowerShell, Python, or Bash.
• Generate enterprise standards, architecture documentation, runbooks, and engineering playbooks.
• Guide mid-level and junior engineers while contributing to the development of team capabilities.
• Assess new capabilities, perform PoCs, and suggest enhancements to the endpoint strategy.
• Ensure compliance with standards including ISO 27001, NIST CSF, CIS Controls, and specific sector mandates.
• 6–10 years of experience in information security or endpoint engineering positions.
• Expert-level proficiency with VMware Carbon Black (App Control, EDR, Cloud), particularly in advanced policy design, incident response, and console management.
• Expert-level expertise with Symantec endpoint security platforms (SEP, SES, Symantec EDR, content policy tuning).
• Solid understanding of endpoint forensics, fundamentals of malware analysis, and attacker techniques.
• Proficient in Windows, macOS, and/or Linux endpoint internals and event logging.
• Proven experience in integrating endpoint data with SIEM/SOAR platforms.
• Capability to lead complex troubleshooting across OS, network, and security layers.
• Strong skills in documentation, communication, and technical leadership.
• Experience in designing enterprise security architectures or zero-trust endpoint frameworks.
• Extensive experience in environments with over 5,000 endpoints.
• Experience in development or automation with PowerShell, Python, Bash, or REST APIs.
• Background in threat modeling, purple teaming, or leading incident response efforts.
• Relevant certifications such as CBCA, CBCM, Symantec/Broadcom certifications, GSEC, GCED, GCIA, GCFA, or similar.
• No Agencies Please
Voyager Technologies
Auctane
Apollo Information Systems
Kraken Digital Asset Exchange
Get handpicked remote jobs straight to your inbox weekly.