Intermediate Identity and Endpoint Security Engineer
Listed on 2026-06-30
-
IT/Tech
Cybersecurity, Information Security, Data Security
Job Description
- IAM expertise: RBAC, access reviews, identity lifecycle, SSO, MFA, conditional access, PAM, Zero Trust
- Endpoint security: EDR/XDR, MDM/UEM, hardening, patching, compliance, and incident response
- Data protection: DLP, data classification, sensitivity labelling, retention policies, regulatory compliance
- Email & collaboration security: phishing/BEC detection, malware analysis, URL protection, SharePoint/One Drive security
- Automation: user/device provisioning & deprovisioning, security workflows, basic scripting (Power Shell/Python)
- Incident response: ransomware, phishing, malware, identity threats, and data loss events
- Governance & risk: security metrics, reporting, audits, risk assessments, and policy enforcement
- Strong analytical skills, problem-solving, cross-team collaboration, and continuous security improvement
Implement and support identity and access management (IAM) processes, including:
- Role-based access control (RBAC) assignments
- Access reviews and certifications
- Group and permission management
- Single Sign-On (SSO) integrations
- Multi-Factor Authentication (MFA) enforcement
- Conditional access policies
- Privileged Access Management (PAM) solutions
- Identity Governance processes
- Perform periodic access reviews and identify excessive or inappropriate privileges. Support the enforcement of least privilege and Zero Trust principles. Collaborate with all teams to ensure correct access provisioning and governance.
- Endpoint Detection and Response (EDR/XDR)
- Anti-malware solutions
- Mobile Device Management (MDM) / UEM platforms
Assist with endpoint hardening and configuration baselines.
Support patching and vulnerability remediation efforts in collaboration with infrastructure teams.
Ensure endpoint compliance with organizational security policies.
Assist in device onboarding, provisioning, and secure configuration.
Support incident response activities related to compromised or non-compliant devices.
Drive Automation Of- Endpoint provisioning and de-provisioning
- User provisioning and de-provisioning
- Compliance monitoring
- Threat containment and isolation workflows
Implement and operate Data Loss Prevention (DLP) capabilities across endpoints, email, and collaboration platforms.
Assist In The Implementation And Management Of
- Data classification and sensitivity labelling
- Data protection policies across email, file storage, and endpoints
- Data lifecycle and retention controls
- Support enforcement of data protection policies aligned with business and regulatory requirements.
Operate and maintain email security controls (e.g. Mimecast or similar platforms), including:
- Anti-phishing and impersonation protection
- Anti-malware and attachment scanning
- URL protection and link rewriting
Monitor And Investigate Email Security Alerts, Including
- Phishing attempts
- Business Email Compromise (BEC)
- Malicious attachments and links
- Assist in tuning email security policies to improve detection and reduce false positives. Collaborate across the business to reduce risks associated with account compromise and email-based attack vectors.
Assist in securing collaboration platforms (e.g. SharePoint, One Drive, file shares), including:
- External sharing controls
- Data access restrictions
- Misconfiguration and exposure risk identification
- Investigate and respond to security incidents and escalations across identity, endpoint, data protection, and email domains, including ransomware, malware outbreaks, device compromise investigations, DLP events, and phishing attempts.
Assist in tracking and reporting on key metrics such as:
- MFA adoption
- Endpoint compliance
- Patch status
- Access review completion
- Data classification and labelling
- Email security statistics
- Document incidents, findings, and remediation actions
- Support audit activities and provide evidence for identity and endpoint controls
- Identify opportunities for automation and process improvements
- Stay up to date with emerging threats and vulnerabilities related to identity and…
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search: