The ideal candidate will have a passion for keeping the Windows Desktop and Server Operating Systems secure from all Cyber threats. This person will work closely with the Desktop Engineering, Server Engineering, Security Engineering and Operations teams to identify and implement all related security controls, policies, procedures (including security patching) and initiatives on physical, virtual and cloud platforms
Responsibilities:
- Keep current with the latest Windows Security related technologies and proactively identify those we should consider
- Conduct POC s, design proposed architecture, plan the implementation, and write documentation.
- Serve on a team of resident experts in the Microsoft desktop operating system discipline who diligently interface with other engineering groups to ensure continued relevance of the technical solutions.
- Troubleshoot security related issues escalated from Operational Engineering and recommend and develop solutions that can proactively be deployed
- Raise and represent change requests in Service Now and represent team in change related meetings
Mandatory Technical Experience
- Expert level experience with Windows OS, registry, file system and Event logs
- Experienced subject matter expert with hands on experience with endpoint security technologies like Endpoint Detection
- Response (EDR), Anti-malware solutions & Data Loss Prevention
- Mastery in log file analysis, fault isolation and diagnostic/assessment actions including root cause analysis, followed by the determination and self-directed execution of corrective actions.
- In-depth understanding of operating system (OS) internals, the mechanics of OS exploits with preventive and detective controls
- Experience with Group Policy and Intune security related configuration and management.
- Troubleshooting and managing endpoints with Intune
- Experience in investigating security incidents with ability to analyze logs to uncover details of the compromise, systems involved, threat techniques etc.
- Strong troubleshooting skills in general. Especially around OS and security settings.
- A good understanding of Active Directory, Group Policy
- Experience with scripting: VB Script, PowerShell, Batch
- Familiarity with using MS Azure tools to create monitoring, and configuration management. Good to have skills but not mandatory
- Knowledge of Splunk search language is preferred
- Security certifications like Ethical Hacking or other specialized endpoint security certifications are preferred
- ITIL certification
- Creating documentation and presentations to represent new technologies
- Hardening OS and ensuring environment is consistent using MS Intune configuration management
- Assist with automation provided by MS InTune to manage the environment
- MCSE / MCP / MCSA
Education & Experience Requirements
- Experience collaborating between Windows Desktop, Server and Information Security teams.
- Driving the agreement and implementation of security mandates
- Experience balancing risk to the business functions with security risks
- Excellent Communication skills (Written and Verbal): o Clear and concise executive summaries
- Highly technical and detail oriented with peers
- 5+ years prior experience in a Desktop Engineering role
- 7+ years experience in working in IT services organization
- 3 years working in a Financial Services environment
- 5+ years of demonstrable and hands experience with endpoint security technologies
- B.S in Technology or Related area (proven experience can be used as a substitute).