Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Staff Endpoint Security Engineer [Remote]

$174k - $320k

Included Health

Remote
  • Remote job

The Staff Endpoint Security Engineer is a critical, hands-on technical role responsible for designing, implementing, and maintaining robust security controls and detection mechanisms across all company and Bring-Your-Own-Device (BYOD) endpoints, including laptops, desktops, mobile phones, and other devices used by staff and contractors. This role is pivotal in protecting Included Health's sensitive data, particularly Protected Health Information (PHI), by preventing unauthorized exfiltration from endpoints and ensuring the security of devices accessing company resources. You will be instrumental in architecting and deploying advanced endpoint defenses, managing security tools, and contributing to threat response to reduce the number and criticality of HIPAA-related incidents. We are looking for deep technical expertise in endpoint security across diverse operating systems (Windows, macOS, ChromeOS, iOS, Android), strong automation skills for building and maintaining defenses, and a proactive approach to identifying and remediating vulnerabilities. This is a remote role reporting to the Chief Information Security Officer. 

Responsibilities:

  • Develop, implement, and maintain a comprehensive endpoint security strategy, architecture, and roadmap covering all corporate and BYOD endpoints, with a focus on proactive defense and detection engineering.
  • Design and enforce security configurations, hardening standards, and baselines for diverse operating systems (Windows, macOS, ChromeOS, iOS, Android, and potentially others) to minimize attack surfaces.
  • Lead the selection, deployment, administration, and optimization of endpoint security solutions, including Endpoint Detection and Response (EDR/XDR) for threat detection, Mobile Device Management (MDM/UEM) for policy enforcement, Data Loss Prevention (DLP) for data protection, anti-malware, and endpoint encryption.
  • Develop and implement robust DLP policies and controls to prevent PHI and other sensitive data from leaving authorized systems via endpoints.
  • Manage endpoint encryption technologies (e.g., BitLocker, FileVault, mobile encryption) to ensure data at rest is protected.
  • Proactively look for threats on endpoints to identify gaps in defenses and inform the development of new detection capabilities.
  • Support and provide expertise during incident response activities for endpoint-related security events, with a focus on root cause analysis to enhance preventative and detective controls.
  • Conduct vulnerability assessments, manage endpoint patching and remediation efforts to address identified weaknesses in a timely manner, strengthening overall endpoint resilience.
  • Develop, document, and enforce endpoint security policies, standards, and procedures, particularly for BYOD environments, ensuring compliance with HIPAA and other relevant regulations.
  • Automate endpoint security tasks, compliance checks, defensive measure deployments, and reporting using scripting languages (e.g., Python, PowerShell, Bash) and security orchestration tools.
  • Collaborate closely with IT operations, network security, application development, and legal/compliance teams to ensure a cohesive security posture and integrate endpoint defenses.
  • Provide expert consultation and support to end-users and IT staff on endpoint security matters and best practices.
  • Stay current with the latest endpoint threats, vulnerabilities, and security technologies to continuously improve our defenses.

Qualifications:

  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
  • 5+ years of experience in endpoint security, with a strong emphasis on designing, building, implementing, and managing security controls, detection mechanisms, and defensive capabilities across a diverse range of endpoint operating systems (Windows, macOS, iOS, Android).
  • Proven hands-on experience with leading Endpoint Detection and Response (EDR/XDR) solutions (e.g., CrowdStrike, SentinelOne, Microsoft Defender for Endpoint, Carbon Black) for threat detection engineering and security policy enforcement.
  • Demonstrable experience with Mobile Device Management (MDM) / Unified Endpoint Management (UEM) platforms (e.g., Microsoft Intune, Jamf Pro, VMware Workspace ONE, Kandji, MobileIron) for enforcing security configurations and policies.
  • Strong knowledge of endpoint hardening techniques, security configuration management, and policy enforcement across multiple OS platforms, with a focus on building resilient systems.
  • Experience designing and implementing endpoint Data Loss Prevention (DLP) strategies and tools.
  • Proficiency in scripting languages (e.g., Python, PowerShell, Bash) for automating endpoint security tasks, tool integrations, and deployment of defensive measures.
  • Experience with endpoint attack vectors, malware, persistence mechanisms, and designing effective mitigation and detection techniques.
  • Experience with endpoint vulnerability management, patch management processes, and tools, focused on proactive remediation.
  • Experience with network security principles (TCP/IP, DNS, DHCP, VPNs, firewalls) as they relate to designing and implementing endpoint security controls.
  • Experience working in regulated environments and a strong understanding of HIPAA compliance requirements as they apply to endpoint protection and data handling.

Pay:

The United States new hire base salary target ranges for this full-time position are:

Zone A: $174,320 - $246,230 + equity + benefits

Zone B: $191,752 - $270,853 + equity + benefits

Zone C: $209,184 - $295,476 + equity + benefits

Zone D: $226,616 - $320,099 + equity + benefits

This range reflects the minimum and maximum target for new hire salaries for candidates based on their respective Zone. Below is additional information on Included Health's commitment to maintaining transparent and equitable compensation practices across our distinct geographic zones.

Starting base salary for you will depend on several job-related factors, unique to each candidate, which may include education; training; skills; years and depth of experience; certifications and licensure; our needs; internal peer equity; organizational considerations; and understanding of geographic and market data. Compensation structures and ranges are tailored to each zone's unique market conditions to ensure that all employees receive fair and great compensation package based on their roles and locations. Your Recruiter can share your geographic zone upon inquiry.

Benefits & Perks:

In addition to receiving a great compensation package, the compensation package may include, depending on the role, the following and more:

Remote-first culture

401(k) savings plan through Fidelity

Comprehensive medical, vision, and dental coverage through multiple medical plan options (including disability insurance)

Paid Time Off ("PTO") and Discretionary Time Off (“DTO")

12 weeks of 100% Paid Parental leave

Family Building & Compassionate Leave: Fertility coverage, $25,000 for surrogacy/adoption, and paid leave for failed treatments, adoption or pregnancies.

Work-From-Home reimbursement to support team collaboration home office work

Your recruiter will share more about the salary range and benefits package for your role during the hiring process.

About Included Health

Included Health is a new kind of healthcare company, delivering integrated virtual care and navigation. We’re on a mission to raise the standard of healthcare for everyone. We break down barriers to provide high-quality care for every person in every community — no matter where they are in their health journey or what type of care they need, from acute to chronic, behavioral to physical. We offer our members care guidance, advocacy, and access to personalized virtual and in-person care for everyday and urgent care, primary care, behavioral health, and specialty care. It’s all included. Learn more at**  includedhealth.com .**

Included Health is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics or any other basis forbidden under federal, state, or local law. Included Health considers all qualified applicants with arrest or conviction records in accordance with the San Francisco Fair Chance Ordinance, the Los Angeles County Fair Chance Ordinance, and California law.

Vacancy posted more than 2 months ago
Similar jobs that could be interesting for youBased on the Staff Endpoint Security Engineer [Remote] in Remote vacancy
  • $69.4k - $158k

     ...Job Number: R0239310 Endpoint Security Engineer The Opportunity : Implement and maintain endpoint security solutions, including application control, next-generation antivirus, privilege management, and vulnerability remediation.Assist with and enforce policies... 
    Suggested
    Full time
    Contract work
    Part time
    Work at office
    Local area
    Remote work

    Booz Allen Hamilton

    McLean, VA
    3 days ago
  •  ...Focuses on securing all enterprise-managed endpoints through policy enforcement, compliance monitoring, device protection controls, and integration of...  ...Experience collaborating with enterprise security and engineering teams. Strong understanding of MDM/MAM security frameworks... 
    Suggested
    Remote work

    AAC

    Wisconsin
    3 days ago
  • $69.4k - $158k

     ...Endpoint Security Engineer The Opportunity Implement and maintain endpoint security solutions, including application control, next‑generation antivirus, privilege management, and vulnerability remediation. Assist with and enforce policies for device compliance and secure... 
    Suggested
    Casual work
    Work at office
    Local area
    Remote work

    Dormont Manufacturing Company

    Bismarck, ND
    4 days ago
  • $93.37k - $153.4k

     ...Job Title: Endpoint Security Engineer Role Overview: This role will be responsible for designing and implementing security controls to protect data, applications, and infrastructure from evolving cyber threats. The Security Engineer will collaborate cross-functionally... 
    Suggested
    Temporary work
    Work at office
    Relocation package
    Flexible hours

    SwiftCruit

    Wausau, WI
    4 days ago
  • $93.37k - $153.4k

     ...Job Title Endpoint Security Engineer Role Overview This role will be responsible for designing and implementing security controls to protect data, applications, and infrastructure from evolving cyber threats. The Security Engineer will collaborate cross‑functionally to... 
    Suggested
    Temporary work
    Work at office
    Relocation package
    Flexible hours

    McAfee

    Frisco, TX
    3 days ago
  •  ...Seeking hands-on Endpoint Security Engineers for a contract position, the role will manage and support endpoint security tools, contribute to migration efforts, and perform engineering tasks, with opportunities for remote work or on-site in Richmond/Mclean, VA. Key responsibilities... 
    Contract work
    Remote work

    Virtual Vocations Inc

    United States
    1 day ago
  •  ...Staff Endpoint Security Engineer ChargePoint is at the center of the electric vehicle revolution, powering one of the world's leading EV charging networks and a comprehensive set of hardware, software, and mobile solutions for every charging need across North America... 
    Remote work

    ChargePoint

    United States
    13 hours ago
  • $130k

     ...mission that can save the world! About the Role: The Senior Security Endpoint Engineer owns the full lifecycle of endpoint security and management...  ...much as patch compliance and deployment reliability — and staff experience is a first-class outcome alongside security... 
    Full time
    Local area
    Remote work

    Dragos

    United States
    1 day ago
  •  ...McAfee Consultant Downey, CA - Remote 12+ months Description: A Security Engineer serves as the security engineer of complex technology implementations in a product-centric environment; is comfortable with bridging the gap between legacy... 
    Remote work

    West Advanced Technologies

    Downey, CA
    2 days ago
  • $134.6k - $184.5k

     ...business requirements and how those requirements translate into security features and functionality. Assist with development of cyber...  ...with implementation, administration, and maturation of Endpoint Detection and Response (EDR) Mobile Device Management (MDM) and... 
    Work experience placement
    Local area
    Remote work
    Work from home

    Optiv

    Boise, ID
    5 days ago
  • $104k - $156k

     ...Posting Type Remote/Hybrid Job Overview The Advanced Security Engineer is a technically deep, hands-on practitioner who forms the...  ...redundancy through all security layers. Endpoint Security & Hardening Deploy, integrate, optimize and manage... 
    Remote work

    Relativity

    New Orleans, LA
    5 days ago
  • $100k - $140k

     ...keep reading - this may be your next great opportunity. As a Security Engineer, you will be part of BlackCloak’s internal technology team...  ...tooling and principles. Collaborate with the IT team to enhance endpoint security policies within EDR tools such as SentinelOne,... 
    Full time
    Temporary work
    Remote work
    Home office
    Flexible hours
    Shift work

    BLACKCLOAK

    New York, NY
    3 days ago
  •  ...developer  to drive the development and enhancement of their cloud security monitoring platform. This role involves building robust...  ...scripting across these operating systems, including deployment and endpoint management scenarios. Knowledge of Mobile Device Management... 
    Remote job
    Permanent employment
    Remote
    more than 2 months ago
  •  ...newcomers to the space. Kraken is committed to industry-leading security , crypto education , and world-class client support...  ...level guidance but indeed get deeply embedded in the different engineering teams and do not mind hands-on work. Our projects span from... 
    Local area
    Remote work

    Kraken

    Garland, TX
    15 days ago
  •  ..., data operations and cybersecurity. We secure some of the most sensitive data for the...  ...allowance ~ PTO and more Service Desk Engineering Lead / Engineer - this is a remote...  ...Service Desk Manager role, this is Senior Endpoint/Security Engineer position The Role:... 
    Contract work
    Temporary work
    Remote work

    Chameleon Integrated Services

    Saint Louis, MO
    7 days ago
  •  ...configures, documents, and maintains information security solutions. Installs and configures web proxies, intrusion detection systems, endpoint monitoring software, and vulnerability...  ...instructions on all work. Network Engineering - Is aware of TCP/IP network... 
    Remote job
    Worldwide

    Columbus, GA | Move to Meaningful

    Remote
    more than 2 months ago
  •  ...infrastructure. We are seeking a Senior Security Engineer working directly with Endeavour’s IT...  ...such as vulnerability management, SIEM, endpoint detection, SAST/DAST, container...  ...work with technical and non-technical staff Strong written and verbal communication... 
    Local area
    Remote work
    Flexible hours

    Endeavour

    Indianapolis, IN
    15 days ago
  • $70k - $100k

     ...• Job Title: Japanese Bilingual Mid-Senior Network / Security Engineer • Client: Japanese IT Company • Working Location: New...  ...Build, operate, and enhance security technologies such as endpoint protection and network security platforms Respond to infrastructure... 
    Full time
    For subcontractor
    Remote work
    Visa sponsorship
    Weekend work
    2 days per week
    3 days per week

    Cinter Career Services

    New York, NY
    14 hours ago
  •  ...filled.*** The Redding Rancheria is seeking a Information Security Engineer. The preferred schedule for this position is Monday through...  ..., NIST, ISO 27001, CIS). # Expertise in network security, endpoint protection, identity and access management, and data protection... 
    Hourly pay
    Temporary work
    Monday to Friday

    Redding Rancheria

    Redding, CA
    7 days ago
  • $164.8k - $228.4k

     ...The Team Upstart's Information Security team is dedicated to advancing security...  ...security design. As a Senior Security Engineer focused on Data Security , you will play...  ...edge AI data protection tooling such as endpoint DLP, data classification, or posture... 
    Summer work
    Currently hiring
    Local area
    Remote work
    Work from home

    UpStart

    United States
    4 days ago
  • $218.3k - $272.9k

     ...As Marqeta’s Principal Security Engineer you will serve as the technical lead across our security engineering function. This role combines...  ...and provide technical oversight for infrastructure security—endpoint protection, network security, VPN, and enterprise security controls... 
    Work at office
    Remote work
    Flexible hours

    MQ Referrals Only

    Lexington, KY
    15 days ago
  •  ...Security Engineer On a mission to deliver affordable, delightful healthcare for all, First Stop Health provides connected, whole-person...  ...security vulnerabilities across applications, cloud environments, endpoints, and infrastructure Partner with system owners and... 
    Summer work
    Remote work
    Flexible hours

    First Stop Health

    United States
    3 days ago
  •  ...Your Job The Sr. Network Security Engineer (Zscaler Specialist) will be part of a global infrastructure organization responsible for...  ...wireless, firewalls, datacenter networking, load balancing, endpoint security, and proxies. We provide enterprise infrastructure... 
    Work at office
    Local area
    Remote work
    Flexible hours

    Koch

    Green Bay, WI
    3 days ago
  • $150k - $250k

     ...to thrive - in our offices or yours. Job Summary The Security Engineer - Google collaborates with account and specialty teams to assess...  ...various security technologies, including firewalls, endpoint protection, email security, and identity management, to identify... 
    Work experience placement
    Work at office
    Remote work
    Worldwide
    Flexible hours

    SHI GmbH

    Austin, TX
    15 hours ago
  •  ...a dedicated and experienced Principal Security Engineer to join our team. In this role, you will...  ...Testing Communicate risks to engineering staff through training and technical...  ...areas such as network security, SASE, endpoint security, cloud security, identity and... 
    Contract work
    Work experience placement
    Remote work

    Insight Global

    New York, NY
    15 hours ago
  •  ...Summary We are seeking a highly technical, hands-on IT Security Engineer to help build and mature the cybersecurity program of a food & beverage...  ...Ensure secure configuration, deployment, and management of endpoint protection (SentinelOne). Collaborate with the IT... 
    Permanent employment
    Full time
    Work at office
    Remote work

    Ken's Foods

    United States
    15 hours ago
  •  ...Owning the security engineering and IT infrastructure, the full-time IT Security Engineer will manage architecture strategy, hands-on delivery, and technical leadership across identity, endpoint, security operations, and compliance in a remote setting. Key Responsibilities... 
    Full time
    Remote work

    Virtual Vocations Inc

    United States
    2 days ago
  •  ...Senior Security Engineer Remote Europe | Remote Asia Talent wanted. For hazardous journey. Small wages, bitter cold, long months of...  ...maintain security infrastructure: SIEM, vulnerability scanning, endpoint protection, logging — the things that let us sleep at night... 
    Contract work
    Remote work
    Free visa
    Sleeping nights
    2 days per week

    Nansen

    United States
    2 days ago
  • $180k - $220k

     ...Network Security Engineer San Francisco, California, United States; Seattle, Washington, United States Who We Are Lightning AI is...  ...QRadar), vulnerability scanners (e.g., Nessus, Qualys), and endpoint security solutions. Relevant Certifications, such as CCNP... 
    Work at office
    Work from home
    Flexible hours
    2 days per week

    Lightning AI

    Seattle, WA
    2 days ago
  •  ...Security Engineer This is Flox's first dedicated security hire. You'll work directly with engineering leadership to stand up security...  ...it, triage it, fix things, don't just generate reports Endpoint Protection Deploy and manage endpoint protection across... 
    Immediate start
    Remote work
    Flexible hours

    Flo-X

    United States
    2 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Staff Endpoint Security Engineer [Remote]. Be the first to apply!