Senior Endpoint Security Engineer – Carbon Black & Symantec

Senior Endpoint Security Engineer – Carbon Black & Symantec

Contract or Contract to Hire

Remote USA

**No Agencies Please

Position Summary

We are seeking a Senior Endpoint Security Engineer with deep expertise in VMware Carbon Black and Symantec endpoint security platforms. This role owns the design, deployment, optimization, and lifecycle management of endpoint protection technologies across enterprise environments. The Senior Engineer will drive strategy, lead complex troubleshooting, mentor junior team members, and serve as a subject matter expert during threat investigations and architectural decisions.

Key Responsibilities

• Lead enterprise-wide deployment, configuration, and lifecycle operations for Carbon Black and Symantec endpoint platforms.

• Architect scalable endpoint security solutions aligned to organizational standards and zero-trust principles.

• Develop and refine advanced policies, application controls, EDR rules, tamper protection settings, and prevention controls.

• Oversee tuning activities to balance protection, performance, and operational efficiency.

• Serve as Tier 3 engineering escalation for endpoint security issues and agent health failures.

• Lead deep-dive incident investigations using Carbon Black and Symantec telemetry, process analysis, and behavioral tracking.

• Build integrations with SIEM, SOAR, vulnerability management, and IT ops tools.

• Drive automation of endpoint management tasks through PowerShell, Python, or Bash.

• Create enterprise standards, architecture documentation, runbooks, and engineering playbooks.

• Mentor mid-level and junior engineers; contribute to team capability development.

• Evaluate new capabilities, conduct PoCs, and recommend improvements to endpoint strategy.

• Support compliance requirements including ISO 27001, NIST CSF, CIS Controls, and sector-specific mandates.

Required Qualifications

• 6–10 years of experience in information security or endpoint engineering roles.

• Expert-level experience with VMware Carbon Black (App Control, EDR, Cloud) including advanced policy design, incident response, and console administration.

• Expert-level experience with Symantec endpoint security platforms (SEP, SES, Symantec EDR, content policy tuning).

• Strong understanding of endpoint forensics, malware analysis fundamentals, and attacker tradecraft.

• Proficiency with Windows, macOS, and/or Linux endpoint internals and event logging.

• Demonstrated experience integrating endpoint data with SIEM/SOAR platforms.

• Ability to lead complex troubleshooting involving OS, network, and security layers.

• Strong documentation, communication, and technical leadership abilities.

Preferred Qualifications

• Experience designing enterprise security architectures or zero-trust endpoint models.

• Significant experience in environments with 5,000+ endpoints.

• Development or automation experience with PowerShell, Python, Bash, or REST APIs.

• Experience with threat modeling, purple teaming, or incident response leadership.

• Certifications such as CBCA, CBCM, Symantec/Broadcom certifications, GSEC, GCED, GCIA, GCFA, or similar.

Soft Skills & Leadership

• Strong ownership mindset with the ability to drive outcomes with minimal oversight.

• Capable of leading cross-functional initiatives involving SOC, IT, cloud engineering, and compliance teams.

• High judgment and ability to balance business, operational, and security requirements.

• Able to communicate complex technical concepts to executives and non-technical stakeholders.

• Mentors others, raises team maturity, and establishes engineering best practices.

Hiring Assumptions: Potential Start date - January 1, 2026