Enterprise Engineer IV

Hi

Hope you are well.

Role:
Enterprise Engineer IV

Location:
Chicago, IL

Job Description:

Seeking an experienced senior level endpoint security engineer with Windows, iOS, MacOS, and Android enterprise expertise. This position requires both technical as well as a non-technical policy-based skillset.

The security engineer will be responsible for the following:

• Detecting, remediating, and mitigating workstation and mobile security vulnerabilities

• Conduct extensive testing and supporting of critical applications and operating system updates against security vulnerabilities.

• Evaluating business needs then performing the following based on those needs:
o Engineering a complete and secure end user experience,
o Coordinating user acceptance testing,
o Documenting and engineering solutions based on discoveries of vulnerabilities,
o Implementation and maintenance of security benchmark standards.

• Understanding the balance of implementing security standards without production impact.

• Work closely with various IT teams to mitigate security risks per corporate standards and SLA's.

PRIMARY DUTIES AND RESPONSIBILITIES

• Manage a test group of over 1,000 endpoints, representative of all lines of business in the enterprise, to include alpha testing of new patches, application updates, operating systems, etc.
o Scope includes (but not limited to)
? Applications:
Java, Adobe Reader, Edge Chromium, Chrome, Firefox, WinSCP, Notepad++
? Operating Systems/Patching:
Windows, iOS, MacOS, and Android updates, and new feature functionality testing.
? Hardware vulnerability analysis:
Laptops, desktops, tablets, Macs, mobile devices.
o Responsibilities related to above include planning and coordinating application version releases, ongoing meetings, reporting results, troubleshooting, discussions with developers/vendors regarding upgrades, etc. Prioritization of vulnerability remediations which includes mitigation strategies while simultaneously preventing productivity outages.

• Candidate will work towards proactively providing an endpoint environment that is sufficiently hardened against vulnerabilities along with assuring that engineering efforts adhere to established corporate policy.

• Implementation of best practices for hardening an endpoint environment including security framework standards (STIG/NIST/CIS).

• Proactively detect and analyze system, applications, code, and hardware weaknesses pre-production. Make remediation and mitigation recommendations accordingly.

• Ability to prepare and participate in corporate risk projects as well as IT audits related to PCI, HIPPA, etc. as necessary.

• Understanding personal and team roles, contributing to a positive work environment by building solid relationships with team members, proactively seeking guidance, clarification, and feedback.

• Apply enterprise vision and standards to all projects. Prepare detailed documentation of all engineered work and solutions.

QUALIFICATIONS

Education:

• Bachelors, Current industry certifications and/or equivalent experience

Experience:

• 5+ years of experience providing security engineering of desktop and mobility infrastructure in a large enterprise environment required with aptitude in the following areas:
Active Directory, MDM, SCCM, GPOs, Windows 10 & 11, Kiosks, Virtual, Mobility (iOS, MacOS, Android), Reporting, strong documentation, and analytical skills.

• Detection, prioritization, and mitigation strategies for CVE vulnerabilities on endpoint systems (including OS, 3rd Party Applications, GPOs, Registry modifications, etc.)

• Understands and takes quick yet reliable action for zero-day vulnerabilities.

• Successful track record on implementation of security benchmarks STIG/NIST/CIS settings for an enterprise with minimal user impact.

• Engineering with focus on the key security concepts of Confidentiality, Integrity, and Availability.

• Extensive regression testing for enterprise core applications, monthly critical security patches, OS updates, etc.

• Broad infrastructure technology concepts around software, hardware, applications, end user interfaces, virtualization, business continuity, PCI compliance, internal auditing, reporting and total cost of ownership.

Preferred skills:

• Qualys/Nessus (or equivalent vulnerability detection systems), Sandboxing technologies (Cisco Malware Analytics), Injection Hunter, Encryption Technologies, CVE database, Crowd Strike, Sys Track, etc.

• Airline experience is ideal.

• Some knowledge of application packaging and Power Shell Interpretation is ideal.

--

Thanks & Regards,

Vamshi Krishna

Senior Technical Recruiter

KAAV Inc.

3925 75th St, Suite 101 A, Aurora IL - 60504
Email:  : P: