Endpoint Security Engineer

Overview: SOFTSWISS continues to expand the team and is looking for an Endpoint Security Engineer. Key responsibilities: Deploy, configure, and maintain(as L3) endpoint security solutions Own the end-to-end vulnerability management process for endpoints Develop and enforce endpoint hardening standards Collaborate with the SOC and other security teams to correlate endpoint telemetry with network and cloud events for threat detection and response Participate in the resolution of endpoint-related security incidents Support and administer the existing Splunk deployment - ensuring stability, data source coverage, and platform reliability; drive its evolution as a Security BI platform through advanced dashboards, metrics, and reporting tailored to endpoint security and management needs Required Experience: 5+ years of hands-on experience in endpoint security engineering, with a focus on Windows and macOS environments Deep expertise with modern EDR/XDR - deployment, policy configuration, agent management, and L3-level troubleshooting Proven experience with vulnerability management processes end-to-end: asset discovery, prioritization, remediation tracking, and reporting Experience administering Splunk including onboarding endpoint data sources, building searches and dashboards, and supporting SOC detection use cases Hands-on experience with MDM solutions (Jamf, Intune, or equivalent) - including defining and enforcing security configuration requirements, compliance baselines, and policy rollout Strong knowledge of endpoint hardening standards for Windows (CIS Benchmarks, STIG) and macOS (CIS macOS Benchmark, NIST guidelines) Experience developing and maintaining hardening baselines, including scripted or policy-driven enforcement at scale Ability to formalise security requirements into policies, standards, and control frameworks Hands-on participation in incident response for endpoint-related security events: containment, investigation, root cause analysis Solid understanding of attacker TTPs (MITRE ATT&CK framework) as applied to endpoint threat scenarios Experience in development and automation (Python/Go) Structured written and oral communication to ensure clarity Upper Intermediate or higher English level Nice to have: Experience with threat hunting on endpoint telemetry - proactively identifying anomalies beyond alert-driven workflows Familiarity with compliance frameworks relevant to endpoint controls: PCI DSS, ISO 27001, or SOC 2 - particularly mapping hardening standards to control requirements Exposure to SIEM/SOAR integration forwarding endpoint events, building detection rules, or contributing to automated response playbooks Understanding of PKI and certificate management as applied to endpoints (device certificates, mTLS, MDM enrollment) Experience with privileged access controls on endpoints - local admin management, PAM integration, or application allowlisting Familiarity with DLP solutions and data protection policies at the endpoint level Our benefits: Full-time remote work opportunities and flexible working hours Private insurance Additional 1 Day Off per calendar year Sports program compensation Comprehensive Mental Health Programme Free online English lessons with a native speaker Generous referral program Training, internal workshops, and participation in international professional conferences and corporate events Apply To This Job