Cyber Security Endpoint Engineer

Chicago Transit Authority provided pay range

This range is provided by Chicago Transit Authority. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

$/yr - $/yr

The Cyber Security Endpoint Engineer is responsible for implementing and managing endpoint security solutions across the Chicago Transit Authority, including workstations, laptops, mobile devices, and servers. This role focuses on the deployment, configuration, and ongoing maintenance of endpoint protection technologies—such as antivirus, endpoint detection and response (EDR), and encryption tools—to safeguard devices from cyber threats. The engineer ensures consistent application of security policies, actively monitors endpoint health and threat activity, and works closely with IT and security teams to investigate incidents and support compliance across all endpoint platforms.

• Deploy, configure, and manage endpoint protection tools (e.g., EDR, NGAV, encryption, host-based firewalls).
• Deploy, configure, and manage endpoint remote access tools.
• Test endpoint security software to ensure compatibility and proper functionality across multiple operating systems, including Linux, Windows, and macOS.
• Monitor endpoint security alerts and logs to identify, analyze, and respond to threats or anomalies.
• Administer and maintain endpoint detection & response (EDR) platforms.
• Assist to develop and enforce endpoint security policies, including application control, device control, and encryption.
• Automate endpoint security tasks using scripting or centralized management tools.
• Integrate third-party tools (e.g., SIEM, SOAR, MDM, vulnerability scanners) with endpoint protection platforms.
• Assist in evaluating and onboarding new third-party tools for improved endpoint protection and visibility.
• Ensure reliable data flow and compatibility between endpoint security tools and enterprise systems through APIs and connectors.
• Troubleshoot integration issues between endpoint systems and third-party platforms.
• Maintain documentation of endpoint security architecture, configurations, procedures, and incident response activities.
• Perform regular assessments of system and endpoint configurations to ensure compliance with security standards and best practices.
• Assist in OS and software patch management initiatives for endpoints.
• Assist in vulnerability management efforts related to endpoints.
• Collaborate with IT Support and desktop engineering teams to ensure secure deployment and maintenance of cyber security endpoint software.
• Collaborate with IT and cyber security teams to investigate and remediate endpoint-related incidents.
• Researches and analyzes cybersecurity threat indicators and their behaviors for the prevention, detection, containment, and correction of security breaches, and recommends threat mitigation strategies.
• Assesses new security technologies to determine potential value for the enterprise.
• Performs related duties as assigned.

• Maintaining knowledge of current cyber technology tools, architectures, and trends in a rapidly changing field.
• Completing cyber activities requiring the assistance of other teams with competing priorities.

Bachelor’s degree in information security/cybersecurity, information technology, computer science or related field; including certifications such as Crowd Strike Certified Falcon Administrator or similar, and three to five years of work experience in cyber security endpoint management or related position for large enterprises, or an equivalent combination of education certifications and experience related to the position.

• Requires remaining in a stationary position for extended periods of time and constantly operating a computer.
• May be required to travel to various field locations.
• Must be able to lift, maneuver and carry material weighing up to 50 pounds.
• Service Area Requirement:
  Exempt (Non-Union) employees must live within the boundaries of the CTA Statutory Service Area either at the time of employment or within 6 months of beginning employment at CTA.