More jobs:
L2 Endpoint Security Engineer; Trend Micro
Job in
Riyadh, Riyadh Region, Saudi Arabia
Listed on 2026-01-01
Listing for:
proven
Full Time
position Listed on 2026-01-01
Job specializations:
-
Security
Cybersecurity
Job Description & How to Apply Below
Job Title
L2 Endpoint Security Engineer — Trend Micro Stack
LocationRiyadh
Job SummaryOwn Endpoint & Server protection operations for Client’s environment: agent health & coverage, policy baselines, pattern/engine updates, sandbox & network detection signal triage, Exchange/SharePoint scanning, storage AV scans, daily health checks, outbreak handling, and audit evidence packaging (tickets, approvals, scans, reports) aligned to NCA ECC. You will operate Trend Micro tools day‑to‑day, keep protection current, tune policies, and provide evidence mapped to NCA ECC controls across malware protection, logging/monitoring, incident handling, and change management.
In-scopeTrend Micro products (you will own)
- Apex One (agents/policies, pattern updates, outbreak control, XDR tie‑ins)
- Deep Security / Workload Protection for servers (anti‑malware, IPS, integrity monitoring, app control)
- Deep Discovery:
Inspector (DDI) network sandbox sensor;
Analyzer (DDA/DDAN) sandbox;
Director (DDD) centralized IOC/VA orchestration. - Smart Protection Server (SPS) (local reputation/update source)
- Server Protect for Storage (SPFS) (NAS/storage AV scanning)
- Portal Protect for SharePoint (malware/URL scanning for SharePoint)
- Scan Mail for Exchange (mailbox/transport scanning)
- Daily checks: agent connectivity, update status, policy compliance, signature versions; document KPIs and exceptions (Apex One & Deep Security).
- Maintain Smart Protection Server and update sources; ensure bandwidth‑efficient pattern delivery.
- Maintain standard policy sets (workstations/servers/VDI), ransomware shields, web reputation, behavior monitoring, tune exclusions safely (Apex One/Deep Security).
- Manage storage, SharePoint and Exchange scanning policies (SPFS, Portal Protect, Scan Mail).
- Operate Deep Discovery Inspector for lateral movement visibility; triage detections and pivot to Analyzer (DDAN/DDA) for detonation; use Director to distribute IOCs and VA images.
- Run IOC sweeps, isolate hosts, force updates/scan, uninstall/reinstall agents when needed; package incident evidence and RCA (Apex One/Deep Security/Deep Discovery).
- Track Trend advisories; plan patches (server/agents, DDI/DDA/DDD firmware), CAB docs, backout plan, and validation (
Note:
recent Apex One criticals—keep builds current).
- Forward events to SIEM; maintain dashboards for coverage, detections, quarantine, sandbox verdicts; archive reports to satisfy NCA ECC evidence.
- Maintain SOPs (agent rollout, policy baseline, outbreak runbook, sandbox triage, SPFS scans, Portal Protect/Scan Mail checks); run reverse‑shadowing for L1s.
Required Qualifications
- 3–5 years in endpoint/server security ops with Trend Micro stack; strong Windows/Linux admin.
- Demonstrated hands‑on across Apex One and at least two of:
Deep Security, DDI/DDA, SPS, SPFS, Portal Protect/Scan Mail. - ITIL change/incident, basic scripting (Power Shell) for deployment/health remediation.
- Trend Micro certifications; XDR/Vision One exposure;
Exchange/SharePoint admin basics.
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×