×
Register Here to Apply for Jobs or Post Jobs. X

Endpoint Security Engineer

Job in San Francisco, San Francisco County, California, 94199, USA
Listing for: Epoch Biodesign
Full Time position
Listed on 2026-07-14
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 170000 - 205000 USD Yearly USD 170000.00 205000.00 YEAR
Job Description & How to Apply Below

Crusoe is on a mission to accelerate the abundance of energy and intelligence. As the only vertically integrated AI infrastructure company built from the ground up, we own and operate each layer of the stack — from electrons to tokens — to power the world's most ambitious AI workloads. When you join Crusoe, you join a team that is building the future, faster.

We're in the midst of the greatest industrial revolution of our time. The demand for AI compute is boundless, and power is a bottleneck. We're solving that — with an energy-first approach that makes AI infrastructure better for the world and faster for the people innovating with AI.

We're looking for problem‑solving, opportunity‑finding teammates with a sense of urgency, who believe in the scale of our ambition and thrive on a path not fully paved — people who want to grow their careers alongside a team of experts across energy, manufacturing, data center construction, and cloud services.

If you want to do the most meaningful work of your career, help our customers and partners advance their AI strategies, and be part of a high-performing team that believes in each other, come build with us at Crusoe.

About the Role

Crusoe is seeking a Security Engineer to join the Security Engineering team as the primary driver for implementing security defaults and endpoint visibility. This is a strategic, architectural position focused on building secure-by-default endpoints that protect the organization as it scales. You will be responsible for security architecture, endpoint visibility, and maintaining our security posture across a rapidly growing global fleet of macOS, Windows, iOS, and Android devices.

This role involves cross‑functional partnership with Security and People Operations, with genuine scope to shape how Crusoe manages and secures endpoints. This role is onsite in San Francisco, CA, Sunnyvale, CA or Denver CO.

What You’ll Be Working On
  • Administer and continuously improve Jamf and Microsoft Intune environments across all managed device types: macOS, Windows, iOS, and Android; maintain configuration profiles, compliance policies, app deployment packages, and OS update enforcement across all platforms.
  • Build and maintain automated enrollment workflows including Apple Business Manager (ABM) and Windows Autopilot for zero-touch provisioning at scale.
  • Own a structured patch management program with clear SLAs for OS and application updates across all device platforms.
  • Define and enforce device compliance baselines aligned with Crusoe security standards and frameworks including CIS Benchmarks and SOC 2; integrate MDM telemetry with EDR and SIEM tooling for compliance drift visibility and proactive remediation.
  • Partner with Security on device trust policies, Conditional Access enforcement, certificate‑based authentication rollout (SCEP/PKCS), and network‑level access control for certificate‑based Wi‑Fi and VPN authentication.
  • Build and maintain scripts and automation in Bash, Python, or Power Shell to reduce manual IT workload; develop self‑service tooling that puts routine fixes and software requests directly in employees’ hands.
  • Own MDM runbooks, device policy documentation, and asset records; contribute to the standardization of enrollment workflows, naming conventions, and configuration baselines across all platforms.
  • Serve as the MDM escalation point in the IT on‑call rotation; partner with People Operations on seamless device provisioning and deprovisioning; mentor junior IT team members on endpoint management practices.
What You’ll Bring to the Team
  • Foundational Security

    Experience:

    Demonstrated experience with OSQuery and Crowd Strike (XDR/EDR) for endpoint visibility and threat detection.
  • Identity & Access Management: Deep understanding of Okta (Device Trust/Fast Pass) and Entra  (Conditional Access).
  • MDM/Endpoint Management: 3–6 years of experience with Jamf/Kandji and Microsoft Intune (Autopilot, Compliance Policies, App Protection).
  • Independent Engineering: A "Security-First" mindset and proven ability to drive R&D initiatives from planning through implementation independently, with a focus on automating security controls.
  • Scripting & Automation: Pr…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary