Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

EndPoint Security Engineer

$240k - $270k
Full-time

Ares Management Corporation

Over the last 20 years, Ares’ success has been driven by our people and our culture. Today, our team is guided by our core values – Collaborative, Responsible, Entrepreneurial, Self-Aware, Trustworthy – and our purpose to be a catalyst for shared prosperity and a better future. Through our recruitment, career development and employee-focused programming, we are committed to fostering a welcoming and inclusive work environment where high-performance talent of diverse backgrounds, experiences, and perspectives can build careers within this exciting and growing industry. Job Description Cybersecurity Engineer – Infrastructure & Endpoint Security Engineer (Tech Lead) Job Family: Cybersecurity Engineering Direct Reports: None Position Summary: We are seeking an experienced Cybersecurity Engineer to serve as the technical lead for enterprise endpoint defense, Microsoft 365 collaboration security, secure browsing, endpoint privilege management, and measurable security control maturity. This role will lead the design, deployment, tuning, lifecycle management, and continuous improvement of security platforms that protect corporate endpoints, servers, Microsoft 365 collaboration services, SaaS platforms, and cloud-connected assets from advanced threats while enabling reliable and frictionless business workflows. This role will work closely with Security Operations, Infrastructure, Desktop Engineering, Collaboration Services, Platform Engineering, Identity, Cloud Security, Network Security, GRC, Legal, Compliance, and other cross-functional teams to ensure endpoint, Microsoft 365, SaaS, and infrastructure security controls are secure by design, consistently deployed, operationally resilient, auditable, measurable, and aligned with enterprise security standards. Detailed Responsibilities / Duties: EDR/XDR Platforms: Lead the engineering, deployment, tuning, and scaling of CrowdStrike Falcon and/or Microsoft Defender for Endpoint platforms, including EDR, host firewall, identity protection, policy management, detection tuning, and exception handling, partnering with SOC CrowdStrike operational leadership Lifecycle Management: Own endpoint security platform lifecycle management, including sensor deployment strategy, upgrade planning, health monitoring, coverage gap remediation, rollback procedures, and change management coordination, partnering with SOC and Workstation operational leadership Secure Browsing Architecture: Architect, engineer, and enforce enterprise-wide security policies for secure enterprise browser technologies, including solutions such as Palo Alto Prisma Access Browser, partnering network operational leadership Microsoft 365 Collaboration Security: Engineer and mature security controls across Exchange Online, SharePoint Online, OneDrive, Microsoft Teams, and related Microsoft 365 workloads, including external sharing governance, guest access, link-sharing controls, tenant configuration baselines, collaboration risk reduction, and secure productivity enablement. Privilege Management: Engineer and maintain global Endpoint Privilege Management solutions using CyberArk and/or BeyondTrust to reduce or eliminate standing local administrator rights while preserving operational continuity. Security Automation: Build robust automation workflows and playbooks using PowerShell, Python, APIs, or workflow platforms to streamline deployment validation, threat containment, reporting, exception review, and control compliance. Engineering Escalation: Act as the engineering escalation point for complex endpoint incidents, security tooling issues, agent conflicts, detection gaps, and root-cause investigations in partnership with Security Operations and Infrastructure teams. Posture Hardening: Develop and review baseline security configurations aligned with CIS Benchmarks, NIST guidance, and enterprise standards for Windows, macOS, and Linux endpoints. Partner with vulnerability threat management (VTM) team as they report and manage compliance in this space. Ecosystem Integration: Integrate endpoint telemetry with SIEM, SOAR, XDR, vulnerability management, and reporting platforms to improve detection fidelity, response readiness, and measurable control effectiveness. Microsoft Security & Compliance Integration: Partner on Microsoft Defender for Office 365, Microsoft Purview, audit logging, sensitivity labeling, DLP, retention, eDiscovery support, and Microsoft 365 Secure Score improvements to strengthen collaboration security and data protection outcomes. Documentation & Audit: Create and maintain technical documentation, runbooks, dashboards, operational procedures, and audit evidence for endpoint security controls. Stakeholder Collaboration and Governance Cross-Functional Alignment: Collaborate with Security Operations, Infrastructure, Desktop Engineering, Collaboration Services, Identity, Cloud Security, Platform Engineering, Network Security, GRC, Legal, Compliance, and other cross-functional partners to implement endpoint, Microsoft 365, SaaS, and infrastructure security improvements. Risk Translation: Translate complex endpoint security risks, platform limitations, compliance needs, and technical issues into clear, actionable recommendations for both technical and non-technical stakeholders. Vendor Governance: Support vendor governance activities, including technology evaluation, roadmap alignment, service provider coordination, issue escalation, operational performance reviews, and contract or capability assessments. Change Management: Partner with change management, audit, and compliance teams to ensure endpoint security changes are properly assessed, documented, approved, implemented, validated, and evidenced. Collaboration Governance: Partner with collaboration platform owners, business stakeholders, Legal, and Compliance to define and operationalize secure collaboration standards, including external sharing, guest access, sensitivity labeling, retention, and data loss prevention requirements. Mentorship: Contribute to knowledge sharing across the team and mentor others on endpoint security architecture, troubleshooting practices, control validation, automation, and operational standards. Supervisory Responsibilities: None. This is an individual contributor role with strong expectations for technical ownership, cross-functional leadership, and mentoring through influence. Required Qualifications 8+ years of cybersecurity, endpoint security engineering, endpoint infrastructure, or related enterprise security experience. Strong hands-on expertise with endpoint security and Microsoft security platforms such as CrowdStrike Falcon, Microsoft Defender for Endpoint, Microsoft Defender for Office 365, Palo Alto secure access or secure browser technologies, CyberArk, and/or BeyondTrust. Strong knowledge of Windows, macOS, and Linux operating systems, including endpoint hardening, troubleshooting, agent behavior, security baselines, and enterprise-scale deployment considerations. Strong understanding of endpoint networking, TLS traffic flows, proxy behavior, host firewall behavior, and how endpoint security controls interact across endpoint, network, cloud, identity, and SaaS environments. Experience with enterprise endpoint management and deployment tools such as Microsoft Intune, MECM/SCCM, Group Policy, Jamf, or equivalent platforms. Familiarity with cybersecurity controls for Microsoft 365 collaboration services, SaaS platforms, Microsoft Entra ID, Azure environments, conditional access, device posture, and Zero Trust concepts. Experience securing or governing Microsoft 365 collaboration workloads such as Exchange Online, SharePoint Online, OneDrive, and Microsoft Teams, including external sharing, guest access, permissions, audit logs, and data protection controls. Experience with endpoint firewall products, vulnerability management processes, patch coordination, and basic network security principles. Deep critical-thinking skills with the ability to analyze detections, diagnose complex endpoint issues, distinguish true threats from false positives, and drive root-cause resolution under pressure. Demonstrated ability to identify repeatable operational work and implement automation using scripting, APIs, workflows, or infrastructure-as-code concepts. Experience developing endpoint security metrics, dashboards, compliance reports, exception tracking, or control effectiveness reporting. Effective communication and collaboration skills with the ability to work across technical and non-technical stakeholder groups. Preferred Qualifications Relevant certifications such as CrowdStrike Certified Falcon Administrator, GIAC, CISSP, Microsoft Security certifications, Azure Security Engineer Associate, or CyberArk/BeyondTrust platform certifications. Experience with PowerShell, Python, REST APIs, Microsoft Graph API, workflow automation, or configuration-as-code approaches. Experience with Microsoft Graph API, SharePoint Online Management Shell, Exchange Online PowerShell, Teams administration, or Microsoft 365 security and compliance automation. Experience integrating endpoint security telemetry with corporate SIEM, SOAR, XDR, case management, vulnerability management, or data analytics ecosystems. Experience implementing or supporting Microsoft 365 data protection capabilities such as sensitivity labels, DLP, retention policies, eDiscovery workflows, audit logging, Safe Links, Safe Attachments, and collaboration security reporting. Experience supporting endpoint security controls in regulated, audit-driven, or financial-services environments. Familiarity with Zero Trust security principles, identity-based access control, device posture, conditional access, and secure access service edge concepts. Leadership Qualifications Strong sense of ownership, accountability, and attention to detail. Ability to lead through influence, establish technical direction, and drive execution across cross-functional teams without direct reporting authority. Proven ability to develop structured processes that improve consistency, scalability, auditability, measurability, and operational efficiency. Ability to manage competing priorities and deliver reliable outcomes in a dynamic enterprise environment. Strong technical judgment and ability to balance security risk, operational stability, user experience, and business impact. Strong communication skills for bridging technical and business perspectives, including the ability to present risks, tradeoffs, and recommendations to leadership. Curiosity and growth mindset, with the ability to adapt to evolving endpoint, cloud, identity, AI, and threat landscapes. Education Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Engineering, or a related field preferred. Equivalent hands-on technical experience, relevant cybersecurity training, or nontraditional educational paths will also be considered. Reporting Relationships Compensation The anticipated base salary range for this position is listed below. Total compensation may also include a discretionary performance-based bonus. Note, the range takes into account a broad spectrum of qualifications, including, but not limited to, years of relevant work experience, education, and other relevant qualifications specific to the role. $240,000 - $270,000 The firm also offers robust Benefits offerings. Ares U.S. Core Benefits include Comprehensive Medical/Rx, Dental and Vision plans; 401(k) program with company match; Flexible Savings Accounts (FSA); Healthcare Savings Accounts (HSA) with company contribution; Basic and Voluntary Life Insurance; Long-Term Disability (LTD) and Short-Term Disability (STD) insurance; Employee Assistance Program (EAP), and Commuter Benefits plan for parking and transit. Ares offers a number of additional benefits including access to a world-class medical advisory team, a mental health app that includes coaching, therapy and psychiatry, a mindfulness and wellbeing app, financial wellness benefit that includes access to a financial advisor, new parent leave, reproductive and adoption assistance, emergency backup care, matching gift program, education sponsorship program, and much more. There is no set deadline to apply for this job opportunity. Applications will be accepted on an ongoing basis until the search is no longer active. Ares Management Corporation (NYSE: ARES) is a leading global alternative investment manager offering clients complementary primary and secondary investment solutions across the credit, real estate, private equity and infrastructure asset classes. We seek to provide flexible capital to support businesses and create value for our stakeholders and within our communities. By collaborating across our investment groups, we aim to generate consistent and attractive investment returns throughout market cycles. As of March 31, 2026, Ares Management's global platform had approximately $644 billion of assets under management(1) with more than 4,400 employees operating across North America, South America, Europe, Asia Pacific and the Middle East. For more information, please visit Ares Management LLC (together with its related operating and administrative subsidiaries, “Ares Management”) is an Equal Employment Opportunity employer and considers all applicants for employment without regard to race, color, religion, ethnicity, creed, sex, age, national origin, alienage or citizenship status, disability, medical condition, pregnancy, marital status, partnership status, sexual orientation, status regarding public assistance, military or veteran status, domestic violence victim status, gender identity and expression, transgender status, genetic information, status as unemployed, political affiliation or any other characteristic protected by federal, state or local law. Ares Management will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the Fair Chance Initiative for Hiring Ordinance. (1) As of March 31, 2026. AUM amounts include funds managed by Ivy Hill Asset Management, LP., a wholly owned portfolio company of Ares Capital Corporation and registered investment adviser.

Vacancy posted 2 days ago
Similar jobs that could be interesting for youBased on the EndPoint Security Engineer in New York, NY vacancy
  • Role, Inc. is seeking a Security Engineer with 10 years of experience in endpoint hardening and Active Directory security governance. The role involves implementing server and workstation hardening standards based on CIS Benchmarks and conducting security assessments in... 
    Suggested
    Flexible hours

    Role, Inc.

    New York, NY
    2 days ago
  • Overview Senior Endpoint Security Engineer is a senior technical position responsible for engineering, implementing, managing, and continuously improving enterprise endpoint security solutions across workstation, server, and operational technology endpoint environments... 
    Suggested
    Work experience placement
    Night shift

    Consolidated Edison Company of New York

    New York, NY
    2 days ago
  • Nscale, based in New York, is hiring a Staff Security Engineer to focus on Endpoint and Device Security. You'll build the security foundation for employees, ensuring secure, reliable configurations across various devices. The ideal candidate will have over 7 years in endpoint... 
    Suggested

    Nscale

    New York, NY
    2 days ago
  • Job Description - Security Engineer (Hardening, Active Directory & Endpoint Security) Position: Security Engineer Experience: 10 Years Location: Flexible / Hybrid / Onsite - NYC, NY This role is ideal for a security professional with deep expertise in endpoint hardening... 
    Suggested
    Flexible hours

    Birlasoft

    New York, NY
    2 days ago
  • Consolidated Edison Company of New York is seeking a Senior Endpoint Security Engineer to lead the design, deployment, and operation of enterprise endpoint security across workstations, servers, and OT endpoints. You will drive protection, monitoring, and response with... 
    Suggested

    Consolidated Edison Company of New York

    New York, NY
    2 days ago
  • NetCov is seeking an Endpoint Services Specialist to manage provisioning, deployment, and lifecycle support of endpoint devices across...  ...internal environments. You will ensure devices are configured securely and delivered per client standards, coordinating with Service Desk... 

    NetCov

    New York, NY
    1 day ago
  • $224k - $280k

     ...located in New York, is seeking an Enterprise Solution Engineer to align with client goals and security needs. This role involves technical sales support,...  ...conducting presentations, and engaging with customers in the endpoint space for prevention, EDR, and Threat Hunting. We... 

    SentinelOne

    New York, NY
    2 days ago
  • $172k - $236k

     ...do it. About the Role You'll be the architect of our endpoint security posture across the full fleet — macOS, Windows, and BYOD mobile...  ...click the right button. You'll partner with IT, SecOps, and engineering teams to sharpen our telemetry and detections, mentor other... 
    Remote job
    Full time
    Work at office
    Home office
    Relocation package
    Flexible hours

    Ramp

    New York, NY
    8 days ago
  • $70k - $100k

     ...• Job Title: Japanese Bilingual Mid-Senior Network / Security Engineer • Client: Japanese IT Company • Working Location: New...  ...Build, operate, and enhance security technologies such as endpoint protection and network security platforms Respond to infrastructure... 
    Full time
    For subcontractor
    Remote work
    Visa sponsorship
    Weekend work
    2 days per week
    3 days per week

    Cinter Career Services

    New York, NY
    2 hours ago
  • $120k - $150k

    MAG Aerospace is seeking a mid to senior level Endpoint Engineer in Idaho to manage and secure devices within a Microsoft GCC High environment. The role demands strong experience in Microsoft Intune along with skills in vulnerability management and endpoint governance.... 

    MAG Aerospace

    New York, NY
    5 days ago
  •  ...GPO) SecDevOps program provides advanced security, development, and operations support to...  ...Corporation is seeking a Zero Trust Security Engineer – Mid to support operational continuity...  .... Support deployment and validation of endpoint protection, log collection, and incident... 
    Contract work
    For contractors
    Work at office
    Local area
    Remote work

    Decision Point

    New York, NY
    4 days ago
  • $165k - $185k

     ...winter holidays). About the Role Betterment is hiring a Sr. Security Engineer, Corporate Information Security to be a principal member of...  ...improving identity architecture, privileged access controls, endpoint hardening standards, and our overall workforce security posture... 
    Temporary work
    For contractors
    Summer holiday
    Work at office
    Local area
    Flexible hours

    Betterment

    New York, NY
    2 days ago
  • $165k - $215k

    Senior Security Engineer, Infrastructure & Network Security New York, New York, United States Who we are The real world is the next frontier...  ...network visibility and monitoring Manage identity, access, endpoint, and server security platforms across the enterprise... 
    Temporary work
    Work at office
    Local area
    Remote work

    metropolis.io

    New York, NY
    2 days ago
  • $175k - $225k

    About Nscale Nscale is the GPU cloud engineered for AI. We provide cost‑effective, high‑performance infrastructure for AI...  ...powers the future. About the Role We're hiring a Staff Security Engineer focused on Endpoint and Device Security to build and operate the endpoint... 
    For contractors
    Work at office
    Local area
    Remote work
    Flexible hours

    Nscale

    New York, NY
    2 days ago
  •  ...Directory/ Priviledge Access Management Lead Engineer for one of our top tier global clients...  ...and managing Active Directory security controls and hardening initiatives Experience...  ...remediation Strong understanding of EDR, endpoint security, and security monitoring... 
    Long term contract
    Work experience placement
    Local area

    PRI Technology

    New York, NY
    2 days ago
  • CeDent invites a cybersecurity engineer contractor to join the team, focusing on protecting networks and endpoints. The role emphasizes IDS/IPS management, host-based security, and CyberArk PAM administration, with exposure to SIEM tools and modern security controls. The... 
    Hourly pay
    Contract work
    For contractors

    CeDent

    New York, NY
    1 day ago
  • A security consulting firm is seeking a Principal Consultant specializing in Azure, IAM, and Endpoint Solutions. The role involves leading architecture and optimization of Microsoft security solutions for enterprise clients, requiring over 10 years of IT security experience... 
    Remote job

    CrucialLogics

    New York, NY
    2 days ago
  •  ...Security Engineer II The Security Engineer II will be responsible for analyzing external and internal threats to protect sensitive data...  ...Security Incident and Event Management (SIEM), Network and Endpoint Detection and Response platforms (NDR/EDR), Advanced Malware... 

    MRINetwork

    New York, NY
    2 days ago
  •  ...Location: New York, NY Competencies: Network Security - 10+ years experience required! Key responsibilities: - Strategy and policy...  ...related Site categorization, whitelisting, shared drives, endpoint agents and customer-initiated requests. Troubleshoot Client... 

    Macpower Digital Assets Edge

    New York, NY
    2 days ago
  •  ...the Fortune 500. Every deal ships with a security questionnaire, a Trust Center deep-dive,...  .... Monitor adherence: MDM enrollment, endpoint protection coverage, SSO/MFA enforcement...  ...chops. We'd love someone who's lived on the engineering side too — comfortable in CI/CD, cloud... 

    Arist

    New York, NY
    21 hours ago
  • $125k - $156k

     ...opening with your name on it As a valued member of the Security Operations Center (SOC) team, the Security Engineer will be responsible for early and accurate...  ...part to play Monitor and analyze network, server, endpoint, database, and application activities for indicators... 
    Temporary work
    Local area
    Worldwide

    FanDuel

    New York, NY
    1 day ago
  •  ...operations focus—to join Jane Street’s IT Security team, and contribute to securing our...  ...technical solutions in collaboration with engineering teams to address security concerns Contributing...  ...disruptions Can deploy and implement Endpoint Security controls in highly available... 

    Jane Street

    New York, NY
    1 day ago
  • $164.8k - $228.4k

    The Team Upstart’s Information Security team is dedicated to advancing security practices...  ...security design. Role Senior Security Engineer - Data Security Position location: Remote...  ...edge AI data protection tooling such as endpoint DLP, data classification, or posture... 
    Work at office
    Remote work

    OhioX, Inc.

    New York, NY
    2 days ago
  • $64k - $75k

     ...multi-gigabit data speeds, low latency, and security to deliver highly reliable internet...  ...Overview We are looking for a Junior Security Engineer to join our Information Security team....  ...to SOC alerts, managing our email and endpoint security platforms, conducting basic log... 
    Internship
    Local area

    INSEEGO

    New York, NY
    2 days ago
  • $200k - $250k

    Senior Security Engineer $200k - $250k meaningful equity About Novig Novig is building America's #1 sports prediction market. Our mission...  ...automation Integrate and operate MDM/EDR platforms, ensuring endpoint visibility and enforcement at scale Partner cross-... 
    Work at office
    Night shift
    Weekend work

    Novig

    New York, NY
    4 days ago
  •  ...worldwide. How You'll Help Us Connect The World As a Senior Security Engineer, you will play a key role in building ANDREW's standalone...  ...design, implement, and operate security capabilities across endpoint, identity, cloud, data, and network security domains while supporting... 
    Work experience placement
    Worldwide

    ANDREW an Amphenol company

    New York, NY
    2 days ago
  • $113.4k - $252k

     ...driving the containment and remediation of security threats across our multi-cloud...  ...root‑cause analysis. Automation & SOAR Engineering: Use Tines to build and design workflows...  ...improving time‑to‑contain. Detection & Endpoint Monitoring: Manage and fine‑tune detection... 

    Navan

    New York, NY
    2 days ago
  • $167.5k - $235k

    Who You Are Justworks is looking for an experienced security engineer skilled in detection and response, who can help enhance and mature Justworks...  ...refine detections using telemetry from EDR, threat intel, endpoint and cloud posture platforms, and native AWS cloud services... 
    Local area

    Justworks

    New York, NY
    2 days ago
  • $135k

    Senior Security Engineer (June 2026) Company Description Butterfly Network, Inc. (NYSE: BFLY) is driving a digital revolution in ultrasound...  ...Access Management (IAM), Mobile Device Management (MDM), Endpoint Detection and Response (EDR), Vulnerability Management, Zero... 
    Work at office
    Immediate start
    Work visa
    Night shift
    Weekend work
    2 days per week
    3 days per week

    Butterfly Network

    New York, NY
    2 days ago
  • $134k - $176.4k

     ...your name on it We're seeking an experienced Enterprise Security Engineer with a passion for developing enterprise security controls strategies...  ...multiple domains: Zero Trust/Conditional Access approaches, Endpoint Security, Data Protection, Mobile Device Management (MDM),... 
    Temporary work
    Local area
    Worldwide

    FanDuel

    New York, NY
    1 day ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to EndPoint Security Engineer. Be the first to apply!