Swoon · 19 hours ago
Endpoint Security Engineer
United States
Full-time
Remote
Mid Level
$75/hr - $80/hr
3+ years expSwoon is seeking an Endpoint Security Engineer to strengthen endpoint security operations within a large enterprise environment. The role involves vulnerability management, endpoint remediation, and compliance monitoring, as well as collaboration with team members to enhance overall security posture.
ConsultingHuman ResourcesInformation TechnologyLegalStaffing Agency
Responsibilities
Identify, analyze, and prioritize endpoint vulnerabilities using tools such as Tenable, Axonius, Jamf Pro, SCCM/ConfigMgr, Intune, Active Directory, and Entra
Evaluate environmental and operational constraints that affect remediation feasibility and timelines
Provide risk-based recommendations to improve endpoint vulnerability management practices
Design, test, and deploy remediation scripts and configurations for Windows and macOS endpoints using Jamf, SCCM/ConfigMgr, Intune, and Group Policy
Develop clean, maintainable automation using secure scripting practices (e.g., modular logic, error handling, logging)
Create clear documentation outlining script purpose, parameters, usage instructions, and security considerations
Maintain an organized library of remediation artifacts and support the use of version control (e.g., Git) for change tracking and peer review
Contribute to secure endpoint baselines aligned with Argonne CSPP, NIST 800-53 Rev. 5, CIS Benchmarks, Microsoft Security Baselines, DISA STIGs, and macOS Security Compliance Project
Assist with the development, testing, deployment, and documentation of baseline configurations
Monitor compliance, identify deviations, and recommend improvements to baseline effectiveness
Participate in regular team meetings, providing status updates and proposing security improvements
Produce reports on endpoint compliance, remediation progress, and baseline coverage for leadership and stakeholders
Qualification
Required
3–5 years of experience in endpoint engineering and cybersecurity within complex, large-scale enterprise environments
Hands-on experience with SCCM/ConfigMgr, Jamf Pro, and/or Microsoft Intune
Experience packaging and deploying applications, patches, and security updates
Working knowledge of Group Policy and Intune configuration profiles
Proficiency in scripting and automation (PowerShell, Bash, Python)
Strong understanding of SDLC principles, from requirements through maintenance
Experience using Git and collaborative development workflows (branching, pull requests, peer reviews)
Ability to document technical solutions clearly for cross-team use
Knowledge of the CVE program, NIST Vulnerability Database, and CISA Known Exploited Vulnerabilities (KEV)
Experience implementing NIST 800-53, CIS Benchmarks, DISA STIGs, Microsoft Security Baselines, and macOS compliance frameworks
Experience using Tenable.SC or Tenable.VM
Ability to translate technical remediation into measurable security improvements
Strong analytical and problem-solving skills with a risk-reduction mindset
Clear communication skills for technical and non-technical audiences
Collaborative approach to working in a mixed Windows/macOS engineering team
Company
Swoon
In 2010, Swoon launched an agile, client-focused team that is not only savvy in our core industries but elbow-deep, every day, getting to know the strongest talent in the technology and professional fields.
501-1000 employees
H1B Sponsorship
Swoon has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2023 (2)
2022 (1)
2021 (1)
2020 (1)
Funding
Current Stage
Late StageLeadership Team
Andy Baker
Co-Founder and Leadership Advisor
Alyssa Holtz
Client Partner
Company data provided by crunchbase