AI + behavioral biometrics = Invisible, device-free #MFA and true continuous authentication for #ZeroTrust.

Senior Endpoint Security Engineer – Carbon Black, Symantec

Security EngineerSecurity EngineerContractRemoteTeam 11-50H1B No SponsorCompany Site LinkedIn

Location

New Jersey

Posted

93 days ago

Salary

Not specified

6 yrs expEnglishCloudLinuxMac OSPythonVmware

Job Description

• Lead enterprise-wide deployment, configuration, and lifecycle operations for Carbon Black and Symantec endpoint platforms. • Architect scalable endpoint security solutions aligned to organizational standards and zero-trust principles. • Develop and refine advanced policies, application controls, EDR rules, tamper protection settings, and prevention controls. • Oversee tuning activities to balance protection, performance, and operational efficiency. • Serve as Tier 3 engineering escalation for endpoint security issues and agent health failures. • Lead deep-dive incident investigations using Carbon Black and Symantec telemetry, process analysis, and behavioral tracking. • Build integrations with SIEM, SOAR, vulnerability management, and IT ops tools. • Drive automation of endpoint management tasks through PowerShell, Python, or Bash. • Create enterprise standards, architecture documentation, runbooks, and engineering playbooks. • Mentor mid-level and junior engineers; contribute to team capability development. • Evaluate new capabilities, conduct PoCs, and recommend improvements to endpoint strategy. • Support compliance requirements including ISO 27001, NIST CSF, CIS Controls, and sector-specific mandates.

Job Requirements

6–10 years of experience in information security or endpoint engineering roles.
Expert-level experience with VMware Carbon Black (App Control, EDR, Cloud) including advanced policy design, incident response, and console administration.
Expert-level experience with Symantec endpoint security platforms (SEP, SES, Symantec EDR, content policy tuning).
Strong understanding of endpoint forensics, malware analysis fundamentals, and attacker tradecraft.
Proficiency with Windows, macOS, and/or Linux endpoint internals and event logging.
Demonstrated experience integrating endpoint data with SIEM/SOAR platforms.
Ability to lead complex troubleshooting involving OS, network, and security layers.
Strong documentation, communication, and technical leadership abilities.
Experience designing enterprise security architectures or zero-trust endpoint models (preferred).
Significant experience in environments with 5,000+ endpoints (preferred).
Development or automation experience with PowerShell, Python, Bash, or REST APIs (preferred).
Experience with threat modeling, purple teaming, or incident response leadership (preferred).
Certifications such as CBCA, CBCM, Symantec/Broadcom certifications, GSEC, GCED, GCIA, GCFA, or similar (preferred).