Tech Army, LLC · 6 hours ago
Endpoint Security Engineer - Cybersecurity
Tech Army, LLC is seeking an Endpoint Security Engineer to enhance security operations and strengthen the security posture of client workstations. The role involves vulnerability management, endpoint remediation, automation, and compliance monitoring, while collaborating with the endpoint engineering team.
Consulting · IT Management · Software · Staffing Agency
Responsibilities
Identify, analyze, and prioritize endpoint vulnerabilities using tools such as Tenable, Axonius, Jamf Pro, SCCM, Intune, Active Directory, and Entra
Assess environmental and operational factors that may impact remediation feasibility and timelines
Provide risk-based recommendations to improve the vulnerability management program
Develop, test, and deploy remediation scripts and configurations for Windows and macOS endpoints using tools such as Jamf, ConfigMgr/SCCM, Intune, and Group Policy
Write clear, maintainable scripts and automation (e.g., modular logic, meaningful naming, basic error handling and logging) that can be reused by the team
Document scripts and configurations with purpose, parameters, usage instructions, and any security considerations to support troubleshooting and cross-team adoption
Maintain an organized library of remediation artifacts; if applicable, help establish and use a version-controlled repository (e.g., Git) to track changes and support basic peer review
Contribute to secure baseline configurations aligned with Argonne CSPP, NIST 800-53 Rev 5, CIS Benchmarks, Microsoft Security Baselines, DISA STIGs, and/or macOS Security Compliance Project
Assist in the development, testing, implementation, and documentation of baseline configurations
Monitor baseline implementation for coverage, effectiveness, unapproved deviations, and required changes
Participate in regular team meetings to provide status updates, propose improvements, and discuss implementation strategies
Monitor endpoint compliance and provide reports on remediation effectiveness and baseline configurations to leadership and stakeholders
Qualification
Required
Level 3 or 4 candidate from Appendix C
3–5 years of experience in complex large enterprise environments
Hands-on expertise with SCCM, Jamf Pro, and/or Microsoft Intune for Windows and macOS endpoints
Experience packaging and deploying applications, security updates, and scripts across enterprise platforms
Familiarity with Group Policy and Intune for configuration management
Proficiency in automation scripting (PowerShell, Bash, Python) with emphasis on modular, reusable, and secure code
Strong grasp of SDLC principles: requirements gathering, design, implementation, testing, deployment, and maintenance
Experience with version control systems (Git) and collaborative development workflows (branching, pull requests, peer review)
Ability to document code and remediations clearly for cross-team adoption and knowledge transfer
Knowledge of CVE program, NIST Vulnerability Database, CISA Known Exploited Vulnerability Database, and overall vulnerability management processes
Experience implementing NIST 800-53 Rev 5, CIS Benchmarks, DISA STIGs, Microsoft Security Baselines, and macOS Security Compliance Project
Ability to translate technical fixes into measurable improvements in endpoint security posture
Experience using Tenable.SC or Tenable.VM as part of vulnerability management
Strong problem-solving skills with a focus on reducing organizational risk
Effective communication skills to convey technical concepts to both technical and non-technical stakeholders
Collaborative mindset for working within a mixed Windows/macOS engineering team
Preferred
U.S. CITIZENS PREFERRED