Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

EndPoint Security Engineer

$240k - $270k
Full-time

Ares Management Corporation

Over the last 20 years, Ares’ success has been driven by our people and our culture. Today, our team is guided by our core values – Collaborative, Responsible, Entrepreneurial, Self-Aware, Trustworthy – and our purpose to be a catalyst for shared prosperity and a better future. Through our recruitment, career development and employee-focused programming, we are committed to fostering a welcoming and inclusive work environment where high-performance talent of diverse backgrounds, experiences, and perspectives can build careers within this exciting and growing industry. Job Description Cybersecurity Engineer – Infrastructure & Endpoint Security Engineer (Tech Lead) Job Family: Cybersecurity Engineering Reporting Relationships Reports to: Cybersecurity Control Engineering Manager Direct Reports: None Position Summary: We are seeking an experienced Cybersecurity Engineer to serve as the technical lead for enterprise endpoint defense, Microsoft 365 collaboration security, secure browsing, endpoint privilege management, and measurable security control maturity. This role will lead the design, deployment, tuning, lifecycle management, and continuous improvement of security platforms that protect corporate endpoints, servers, Microsoft 365 collaboration services, SaaS platforms, and cloud-connected assets from advanced threats while enabling reliable and frictionless business workflows. This role will work closely with Security Operations, Infrastructure, Desktop Engineering, Collaboration Services, Platform Engineering, Identity, Cloud Security, Network Security, GRC, Legal, Compliance, and other cross-functional teams to ensure endpoint, Microsoft 365, SaaS, and infrastructure security controls are secure by design, consistently deployed, operationally resilient, auditable, measurable, and aligned with enterprise security standards. Detailed Responsibilities / Duties: EDR/XDR Platforms: Lead the engineering, deployment, tuning, and scaling of CrowdStrike Falcon and/or Microsoft Defender for Endpoint platforms, including EDR, host firewall, identity protection, policy management, detection tuning, and exception handling, partnering with SOC CrowdStrike operational leadership Lifecycle Management: Own endpoint security platform lifecycle management, including sensor deployment strategy, upgrade planning, health monitoring, coverage gap remediation, rollback procedures, and change management coordination, partnering with SOC and Workstation operational leadership Secure Browsing Architecture: Architect, engineer, and enforce enterprise-wide security policies for secure enterprise browser technologies, including solutions such as Palo Alto Prisma Access Browser, partnering network operational leadership Microsoft 365 Collaboration Security: Engineer and mature security controls across Exchange Online, SharePoint Online, OneDrive, Microsoft Teams, and related Microsoft 365 workloads, including external sharing governance, guest access, link-sharing controls, tenant configuration baselines, collaboration risk reduction, and secure productivity enablement. Privilege Management: Engineer and maintain global Endpoint Privilege Management solutions using CyberArk and/or BeyondTrust to reduce or eliminate standing local administrator rights while preserving operational continuity. Security Automation: Build robust automation workflows and playbooks using PowerShell, Python, APIs, or workflow platforms to streamline deployment validation, threat containment, reporting, exception review, and control compliance. Engineering Escalation: Act as the engineering escalation point for complex endpoint incidents, security tooling issues, agent conflicts, detection gaps, and root-cause investigations in partnership with Security Operations and Infrastructure teams. Posture Hardening: Develop and review baseline security configurations aligned with CIS Benchmarks, NIST guidance, and enterprise standards for Windows, macOS, and Linux endpoints. Partner with vulnerability threat management (VTM) team as they report and manage compliance in this space. Ecosystem Integration: Integrate endpoint telemetry with SIEM, SOAR, XDR, vulnerability management, and reporting platforms to improve detection fidelity, response readiness, and measurable control effectiveness. Microsoft Security & Compliance Integration: Partner on Microsoft Defender for Office 365, Microsoft Purview, audit logging, sensitivity labeling, DLP, retention, eDiscovery support, and Microsoft 365 Secure Score improvements to strengthen collaboration security and data protection outcomes. Documentation & Audit: Create and maintain technical documentation, runbooks, dashboards, operational procedures, and audit evidence for endpoint security controls. Stakeholder Collaboration and Governance Cross-Functional Alignment: Collaborate with Security Operations, Infrastructure, Desktop Engineering, Collaboration Services, Identity, Cloud Security, Platform Engineering, Network Security, GRC, Legal, Compliance, and other cross-functional partners to implement endpoint, Microsoft 365, SaaS, and infrastructure security improvements. Risk Translation: Translate complex endpoint security risks, platform limitations, compliance needs, and technical issues into clear, actionable recommendations for both technical and non-technical stakeholders. Vendor Governance: Support vendor governance activities, including technology evaluation, roadmap alignment, service provider coordination, issue escalation, operational performance reviews, and contract or capability assessments. Change Management: Partner with change management, audit, and compliance teams to ensure endpoint security changes are properly assessed, documented, approved, implemented, validated, and evidenced. Collaboration Governance: Partner with collaboration platform owners, business stakeholders, Legal, and Compliance to define and operationalize secure collaboration standards, including external sharing, guest access, sensitivity labeling, retention, and data loss prevention requirements. Mentorship: Contribute to knowledge sharing across the team and mentor others on endpoint security architecture, troubleshooting practices, control validation, automation, and operational standards. Supervisory Responsibilities: None. This is an individual contributor role with strong expectations for technical ownership, cross-functional leadership, and mentoring through influence. Required Qualifications 8+ years of cybersecurity, endpoint security engineering, endpoint infrastructure, or related enterprise security experience. Strong hands-on expertise with endpoint security and Microsoft security platforms such as CrowdStrike Falcon, Microsoft Defender for Endpoint, Microsoft Defender for Office 365, Palo Alto secure access or secure browser technologies, CyberArk, and/or BeyondTrust. Strong knowledge of Windows, macOS, and Linux operating systems, including endpoint hardening, troubleshooting, agent behavior, security baselines, and enterprise-scale deployment considerations. Strong understanding of endpoint networking, TLS traffic flows, proxy behavior, host firewall behavior, and how endpoint security controls interact across endpoint, network, cloud, identity, and SaaS environments. Experience with enterprise endpoint management and deployment tools such as Microsoft Intune, MECM/SCCM, Group Policy, Jamf, or equivalent platforms. Familiarity with cybersecurity controls for Microsoft 365 collaboration services, SaaS platforms, Microsoft Entra ID, Azure environments, conditional access, device posture, and Zero Trust concepts. Experience securing or governing Microsoft 365 collaboration workloads such as Exchange Online, SharePoint Online, OneDrive, and Microsoft Teams, including external sharing, guest access, permissions, audit logs, and data protection controls. Experience with endpoint firewall products, vulnerability management processes, patch coordination, and basic network security principles. Deep critical-thinking skills with the ability to analyze detections, diagnose complex endpoint issues, distinguish true threats from false positives, and drive root-cause resolution under pressure. Demonstrated ability to identify repeatable operational work and implement automation using scripting, APIs, workflows, or infrastructure-as-code concepts. Experience developing endpoint security metrics, dashboards, compliance reports, exception tracking, or control effectiveness reporting. Effective communication and collaboration skills with the ability to work across technical and non-technical stakeholder groups. Preferred Qualifications Relevant certifications such as CrowdStrike Certified Falcon Administrator, GIAC, CISSP, Microsoft Security certifications, Azure Security Engineer Associate, or CyberArk/BeyondTrust platform certifications. Experience with PowerShell, Python, REST APIs, Microsoft Graph API, workflow automation, or configuration-as-code approaches. Experience with Microsoft Graph API, SharePoint Online Management Shell, Exchange Online PowerShell, Teams administration, or Microsoft 365 security and compliance automation. Experience integrating endpoint security telemetry with corporate SIEM, SOAR, XDR, case management, vulnerability management, or data analytics ecosystems. Experience implementing or supporting Microsoft 365 data protection capabilities such as sensitivity labels, DLP, retention policies, eDiscovery workflows, audit logging, Safe Links, Safe Attachments, and collaboration security reporting. Experience supporting endpoint security controls in regulated, audit-driven, or financial-services environments. Familiarity with Zero Trust security principles, identity-based access control, device posture, conditional access, and secure access service edge concepts. Leadership Qualifications Strong sense of ownership, accountability, and attention to detail. Ability to lead through influence, establish technical direction, and drive execution across cross-functional teams without direct reporting authority. Proven ability to develop structured processes that improve consistency, scalability, auditability, measurability, and operational efficiency. Ability to manage competing priorities and deliver reliable outcomes in a dynamic enterprise environment. Strong technical judgment and ability to balance security risk, operational stability, user experience, and business impact. Strong communication skills for bridging technical and business perspectives, including the ability to present risks, tradeoffs, and recommendations to leadership. Curiosity and growth mindset, with the ability to adapt to evolving endpoint, cloud, identity, AI, and threat landscapes. Education Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Engineering, or a related field preferred. Equivalent hands-on technical experience, relevant cybersecurity training, or nontraditional educational paths will also be considered. Reporting Relationships Principal, Cybersecurity Platform Engineering Compensation The anticipated base salary range for this position is listed below. Total compensation may also include a discretionary performance-based bonus. Note, the range takes into account a broad spectrum of qualifications, including, but not limited to, years of relevant work experience, education, and other relevant qualifications specific to the role. $240,000 - $270,000 The firm also offers robust Benefits offerings. Ares U.S. Core Benefits include Comprehensive Medical/Rx, Dental and Vision plans; 401(k) program with company match; Flexible Savings Accounts (FSA); Healthcare Savings Accounts (HSA) with company contribution; Basic and Voluntary Life Insurance; Long-Term Disability (LTD) and Short-Term Disability (STD) insurance; Employee Assistance Program (EAP), and Commuter Benefits plan for parking and transit. Ares offers a number of additional benefits including access to a world-class medical advisory team, a mental health app that includes coaching, therapy and psychiatry, a mindfulness and wellbeing app, financial wellness benefit that includes access to a financial advisor, new parent leave, reproductive and adoption assistance, emergency backup care, matching gift program, education sponsorship program, and much more. There is no set deadline to apply for this job opportunity. Applications will be accepted on an ongoing basis until the search is no longer active. Ares Management Corporation (NYSE: ARES) is a leading global alternative investment manager offering clients complementary primary and secondary investment solutions across the credit, real estate, private equity and infrastructure asset classes. We seek to provide flexible capital to support businesses and create value for our stakeholders and within our communities. By collaborating across our investment groups, we aim to generate consistent and attractive investment returns throughout market cycles. As of March 31, 2026, Ares Management's global platform had approximately $644 billion of assets under management(1) with more than 4,400 employees operating across North America, South America, Europe, Asia Pacific and the Middle East. For more information, please visit Ares Management LLC (together with its related operating and administrative subsidiaries, “Ares Management”) is an Equal Employment Opportunity employer and considers all applicants for employment without regard to race, color, religion, ethnicity, creed, sex, age, national origin, alienage or citizenship status, disability, medical condition, pregnancy, marital status, partnership status, sexual orientation, status regarding public assistance, military or veteran status, domestic violence victim status, gender identity and expression, transgender status, genetic information, status as unemployed, political affiliation or any other characteristic protected by federal, state or local law. Ares Management will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the Fair Chance Initiative for Hiring Ordinance. (1) As of March 31, 2026. AUM amounts include funds managed by Ivy Hill Asset Management, LP., a wholly owned portfolio company of Ares Capital Corporation and registered investment adviser.

Vacancy posted 7 hours ago
Similar jobs that could be interesting for youBased on the EndPoint Security Engineer in Arlington, VA vacancy
  • Edgewater Federal Solutions is seeking an Engineer to provide advanced technical support in Washington, D.C. The role...  ...implementing solutions for enterprise network and endpoint environments, and supporting security functions for Windows and macOS. Key responsibilities... 
    Suggested

    Edgewater Federal Solutions

    Washington DC
    2 days ago
  •  ...You will deliver advanced front-line technical support, manage endpoint deployments, and coordinate with cybersecurity teams to ensure...  ...proficiency with Ivanti EPM, KACE, Intune, JAMF, and Entra ID/AD, and a focus on Zero Trust and security baselines. #J-18808-Ljbffr Sikich LLP
    Suggested
    Work at office

    Sikich LLP

    Washington DC
    1 day ago
  •  ...Job Description Job Description We are seeking an experienced Endpoint Engineering & Security Engineer with 8+ years of IT, endpoint engineering, or cybersecurity experience . The ideal candidate will have hands-on expertise in Windows and macOS workstation imaging... 
    Suggested
    Local area

    ASSYST, Inc.

    Washington DC
    9 days ago
  • $134.6k - $184.5k

     ...business requirements and how those requirements translate into security features and functionality. Assist with development of cyber...  ...Expertise with implementation, administration, and maturation of Endpoint Detection and Response (EDR) Mobile Device Management (MDM) and... 
    Suggested
    Remote job
    Work experience placement
    Local area
    Work from home

    Optiv

    Arlington, VA
    14 hours ago
  •  ...is assured, and the free world remains secure. Founded in 2024, Twenty Technologies...  ...Role Summary We are seeking IT Security Engineer to join our growing technology...  ...hardening of servers, workstations, and endpoints; manage patch management and system updates... 
    Suggested
    Full time
    Work at office
    Flexible hours

    Twenty

    Arlington, VA
    5 days ago
  • Jobtailor in the Washington, DC area seeks a senior IT/engineering lead to drive Apple/macOS engineering, design and optimize enterprise...  .... You will implement passwordless authentication, enforce endpoint security, and collaborate with cybersecurity and infrastructure teams... 

    Jobtailor

    Washington DC
    2 days ago
  •  ...and advanced troubleshooting. You will deploy, image, configure, and maintain Windows and macOS devices, mobile endpoints, and related hardware in a secure, compliant environment. You will manage identity and access using Entra ID/Active Directory and MFA, plus endpoint... 

    NucoreVision

    Washington DC
    14 hours ago
  • $134.6k - $184.5k

     ...across the U.S. This role requires approximately 10-15 years of experience, and expertise in technical architecture, especially with security solutions like Microsoft Defender and CrowdStrike. Candidates must possess strong interpersonal and communication skills, and be... 
    Remote job

    Optiv

    Arlington, VA
    3 days ago
  • $140k - $180k

    Job Title: Data Loss Prevention (DLP) Security Engineer Location: Remote Clearance Required: Active Secret or Top-Secret Salary Range:...  ...the parallel deployment of Forcepoint DLP technologies for endpoint and network data protection outside the M365 environment. The... 
    Remote job

    S2i2, Inc

    Washington DC
    14 hours ago
  •  ...Government Services company, is seeking an experienced Cloud Security Engineer with a TS/SCI clearance to support EHS and our government...  ...Prevention (DLP), Web Application Firewalls (WAF), Threat Intel, Endpoint Security Experience with Infrastructure as a Service (... 
    Work experience placement
    Local area
    Flexible hours

    Koniag Government Services

    Washington DC
    2 days ago
  • $166k - $220k

     ...Security Engineer Anduril Industries is a defense technology company with a mission to transform U.S. and allied military capabilities...  ...developing and implementing defensive controls across network, endpoint, and cloud environments Ability to work autonomously,... 
    Full time
    Work experience placement
    Immediate start

    Colorwave Inc

    Washington DC
    1 day ago
  •  ...cybersecurity professional for an on-site role at Fort Belvoir, VA. You will implement and maintain enterprise toolsets across endpoint security, EDR and NDR, while developing documentation for security capabilities and incident response. You will tune alerts, monitor... 

    Jobtailor

    Fort Belvoir, VA
    2 days ago
  • Security Operations Engineer (Senior) - NIGC Technology Automation & Management (TeAM), Inc. We are an equal employment opportunity employer. All...  ..., Syslog, Network Detection and Response (NDR), Endpoint Detection and Response (EDR), Firewalls, M365 Cloud Security... 
    Full time
    Contract work
    Part time
    Remote work

    Technology,-Automation,-and-Management,-Inc.

    Washington DC
    3 days ago
  • Job Title Cybersecurity Engineer - Senior Location Washington, DC Eligibility Due to the...  ...Cybersecurity Engineer to support security initiatives in Washington, DC. This role...  ...manage security tools (e.g., SIEM, IDS/IPS, endpoint protection). Collaborate with engineering... 
    Contract work

    C3EL

    Washington DC
    14 hours ago
  •  ...exfiltration. Manage the full suite (Endpoint, Office 365, Identity, and Cloud) to...  ...experience in core components of the Microsoft security and management ecosystem designed for a...  ...~ Microsoft Certified Azure Security Engineer Associate (AZ-500) (Preferred) ~ SC-1... 
    For contractors
    Work at office

    3B Staffing LLC

    Arlington, VA
    2 days ago
  •  ...Senior Information Security Engineer In this contingent resource assignment, you may: Consult on or participate in moderately complex...  ...and directory services, email, internet, applications, and endpoint security Utilize subject matter knowledge in industry... 

    Mindlance

    McLean, VA
    2 days ago
  • MAG Aerospace is seeking a mid-level Endpoint Engineer in Fairfax, VA to manage and secure Windows and macOS devices within a Microsoft GCC High environment. You will handle Intune enrollment and configurations, patching, vulnerability remediation, and governance to improve... 

    TryApplyNow

    Fairfax, VA
    14 hours ago
  • MAG Aerospace seeks a mid‑to‑senior Endpoint Engineer to manage and secure Windows and macOS devices in a Microsoft GCC High environment. You'll handle Intune enrollment, configurations, and compliance policies while collaborating with Cybersecurity on vulnerability remediation... 

    MAG Aerospace

    Fairfax, VA
    4 days ago
  • $164.38k - $212.75k

     ...Qualifications: Skills: Information Assurance, Information System Security, Risk Assessments Certifications: None Experience:...  ...technology into opportunity as a Cybersecurity Systems Engineer/Information Systems Security Engineer (ISSE) with GDIT. A... 
    Temporary work
    For contractors
    Interim role
    Immediate start
    Remote work
    Worldwide
    Flexible hours

    General Dynamics Information Technology

    Washington DC
    4 days ago
  • Edgewaterit in Washington, DC is looking for an Engineer to provide advanced support for enterprise networks and endpoints. The role includes configuring and...  ...switches, and firewalls, while also managing security compliance with NIST frameworks. This position... 

    Edgewater IT LLC Defunct

    Washington DC
    4 days ago
  • Edgewater Federal Solutions, Inc. seeks an Engineer to provide advanced technical support for enterprise network and endpoint environments. Responsibilities include configuring...  ...network infrastructure, supporting network security initiatives, and managing endpoint imaging... 

    Edgewater Federal Solutions

    Washington DC
    14 hours ago
  •  ...Web Developer Security Engineer The Web Developer Security Engineering plays a pivotal role in protecting mission-critical web applications, APIs and sensitive data. The objectives are to embed robust security principles throughout the software development lifecycle... 
    Worldwide

    V Group

    Washington DC
    4 days ago
  • $140.25k - $189.75k

    General Dynamics Information Technology is seeking an experienced Endpoint Engineer in Washington, DC. The role involves managing the lifecycle of endpoint devices including Windows and macOS systems, OS imaging, patch management, and vulnerability remediation. Qualified... 

    General Dynamics Information Technology

    Washington DC
    2 days ago
  • $140.25k - $189.75k

     ...Skills: Configuration Management (CM) Endpoint Management IT Configuration Management...  ...US Citizenship Required: Yes Endpoint Engineer We are seeking an experienced Endpoint Engineer...  ...optimal performance, reliability, and security. Perform OS imaging, configuration, and... 
    Temporary work
    Flexible hours

    General Dynamics Information Technology

    Washington DC
    1 day ago
  • $55k - $59k

     ...VA. The ideal candidate will have over 8 years of experience in cybersecurity and network development, with a focus on secure platforms and endpoint security. An active Top Secret clearance is required alongside a Bachelor's degree in a related field. This full-time role... 
    Full time

    Systems Planning & Analysis

    Arlington, VA
    3 days ago
  • Phoenix Cyber is seeking a DLP Engineer to join our client delivery team. This onsite role focuses on defining and implementing endpoint and email data protection programs for large enterprises...  ...with business process owners to secure information exchanges and optimize risk... 
    Work at office

    Phoenix Cyber

    Washington DC
    2 days ago
  • SitusAMC in Washington, DC seeks an experienced Endpoint Management Specialist to act as a senior escalation point for Microsoft Intune and Automox, manage patching, configurations, and security baselines across enterprise endpoints, and coordinate deployments with IT... 

    SitusAMC

    Washington DC
    2 days ago
  • Description MSM Technology is seeking a Senior Endpoint Engineer to support the Department of Homeland Security in a fully cloud-based Microsoft Azure environment. The selected candidate will join a team of Windows cloud engineers and cybersecurity specialists responsible... 
    Temporary work

    MSM Tech Inc.

    Arlington, VA
    3 days ago
  • $140.5k - $210k

     ...intrusion detection, intrusion prevention, endpoint protection, and data analysis platforms...  ...in depth solution with a central security information and event management (SIEM)...  ...assessments to support information security engineering decisions to ensure Board information and... 
    Full time
    Work at office

    Federal Reserve Board

    Washington DC
    1 day ago
  • $140.5k - $210.5k

     ...proxies, intrusion detection and prevention systems, endpoint protection, data analysis platforms, security information and event management (SIEM) systems,...  ...assessments to support information security engineering decisions, ensuring Board information and systems... 
    Work at office
    Relocation

    Federal Reserve System

    Washington DC
    1 day ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to EndPoint Security Engineer. Be the first to apply!