Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

EndPoint Security Engineer

$240k - $270k
Full-time

Ares Management Corporation

Over the last 20 years, Ares’ success has been driven by our people and our culture. Today, our team is guided by our core values – Collaborative, Responsible, Entrepreneurial, Self-Aware, Trustworthy – and our purpose to be a catalyst for shared prosperity and a better future. Through our recruitment, career development and employee-focused programming, we are committed to fostering a welcoming and inclusive work environment where high-performance talent of diverse backgrounds, experiences, and perspectives can build careers within this exciting and growing industry. Job Description Cybersecurity Engineer – Infrastructure & Endpoint Security Engineer (Tech Lead) Job Family: Cybersecurity Engineering Reporting Relationships Reports to: Cybersecurity Control Engineering Manager Direct Reports: None Position Summary: We are seeking an experienced Cybersecurity Engineer to serve as the technical lead for enterprise endpoint defense, Microsoft 365 collaboration security, secure browsing, endpoint privilege management, and measurable security control maturity. This role will lead the design, deployment, tuning, lifecycle management, and continuous improvement of security platforms that protect corporate endpoints, servers, Microsoft 365 collaboration services, SaaS platforms, and cloud-connected assets from advanced threats while enabling reliable and frictionless business workflows. This role will work closely with Security Operations, Infrastructure, Desktop Engineering, Collaboration Services, Platform Engineering, Identity, Cloud Security, Network Security, GRC, Legal, Compliance, and other cross-functional teams to ensure endpoint, Microsoft 365, SaaS, and infrastructure security controls are secure by design, consistently deployed, operationally resilient, auditable, measurable, and aligned with enterprise security standards. Detailed Responsibilities / Duties: EDR/XDR Platforms: Lead the engineering, deployment, tuning, and scaling of CrowdStrike Falcon and/or Microsoft Defender for Endpoint platforms, including EDR, host firewall, identity protection, policy management, detection tuning, and exception handling, partnering with SOC CrowdStrike operational leadership Lifecycle Management: Own endpoint security platform lifecycle management, including sensor deployment strategy, upgrade planning, health monitoring, coverage gap remediation, rollback procedures, and change management coordination, partnering with SOC and Workstation operational leadership Secure Browsing Architecture: Architect, engineer, and enforce enterprise-wide security policies for secure enterprise browser technologies, including solutions such as Palo Alto Prisma Access Browser, partnering network operational leadership Microsoft 365 Collaboration Security: Engineer and mature security controls across Exchange Online, SharePoint Online, OneDrive, Microsoft Teams, and related Microsoft 365 workloads, including external sharing governance, guest access, link-sharing controls, tenant configuration baselines, collaboration risk reduction, and secure productivity enablement. Privilege Management: Engineer and maintain global Endpoint Privilege Management solutions using CyberArk and/or BeyondTrust to reduce or eliminate standing local administrator rights while preserving operational continuity. Security Automation: Build robust automation workflows and playbooks using PowerShell, Python, APIs, or workflow platforms to streamline deployment validation, threat containment, reporting, exception review, and control compliance. Engineering Escalation: Act as the engineering escalation point for complex endpoint incidents, security tooling issues, agent conflicts, detection gaps, and root-cause investigations in partnership with Security Operations and Infrastructure teams. Posture Hardening: Develop and review baseline security configurations aligned with CIS Benchmarks, NIST guidance, and enterprise standards for Windows, macOS, and Linux endpoints. Partner with vulnerability threat management (VTM) team as they report and manage compliance in this space. Ecosystem Integration: Integrate endpoint telemetry with SIEM, SOAR, XDR, vulnerability management, and reporting platforms to improve detection fidelity, response readiness, and measurable control effectiveness. Microsoft Security & Compliance Integration: Partner on Microsoft Defender for Office 365, Microsoft Purview, audit logging, sensitivity labeling, DLP, retention, eDiscovery support, and Microsoft 365 Secure Score improvements to strengthen collaboration security and data protection outcomes. Documentation & Audit: Create and maintain technical documentation, runbooks, dashboards, operational procedures, and audit evidence for endpoint security controls. Stakeholder Collaboration and Governance Cross-Functional Alignment: Collaborate with Security Operations, Infrastructure, Desktop Engineering, Collaboration Services, Identity, Cloud Security, Platform Engineering, Network Security, GRC, Legal, Compliance, and other cross-functional partners to implement endpoint, Microsoft 365, SaaS, and infrastructure security improvements. Risk Translation: Translate complex endpoint security risks, platform limitations, compliance needs, and technical issues into clear, actionable recommendations for both technical and non-technical stakeholders. Vendor Governance: Support vendor governance activities, including technology evaluation, roadmap alignment, service provider coordination, issue escalation, operational performance reviews, and contract or capability assessments. Change Management: Partner with change management, audit, and compliance teams to ensure endpoint security changes are properly assessed, documented, approved, implemented, validated, and evidenced. Collaboration Governance: Partner with collaboration platform owners, business stakeholders, Legal, and Compliance to define and operationalize secure collaboration standards, including external sharing, guest access, sensitivity labeling, retention, and data loss prevention requirements. Mentorship: Contribute to knowledge sharing across the team and mentor others on endpoint security architecture, troubleshooting practices, control validation, automation, and operational standards. Supervisory Responsibilities: None. This is an individual contributor role with strong expectations for technical ownership, cross-functional leadership, and mentoring through influence. Required Qualifications 8+ years of cybersecurity, endpoint security engineering, endpoint infrastructure, or related enterprise security experience. Strong hands-on expertise with endpoint security and Microsoft security platforms such as CrowdStrike Falcon, Microsoft Defender for Endpoint, Microsoft Defender for Office 365, Palo Alto secure access or secure browser technologies, CyberArk, and/or BeyondTrust. Strong knowledge of Windows, macOS, and Linux operating systems, including endpoint hardening, troubleshooting, agent behavior, security baselines, and enterprise-scale deployment considerations. Strong understanding of endpoint networking, TLS traffic flows, proxy behavior, host firewall behavior, and how endpoint security controls interact across endpoint, network, cloud, identity, and SaaS environments. Experience with enterprise endpoint management and deployment tools such as Microsoft Intune, MECM/SCCM, Group Policy, Jamf, or equivalent platforms. Familiarity with cybersecurity controls for Microsoft 365 collaboration services, SaaS platforms, Microsoft Entra ID, Azure environments, conditional access, device posture, and Zero Trust concepts. Experience securing or governing Microsoft 365 collaboration workloads such as Exchange Online, SharePoint Online, OneDrive, and Microsoft Teams, including external sharing, guest access, permissions, audit logs, and data protection controls. Experience with endpoint firewall products, vulnerability management processes, patch coordination, and basic network security principles. Deep critical-thinking skills with the ability to analyze detections, diagnose complex endpoint issues, distinguish true threats from false positives, and drive root-cause resolution under pressure. Demonstrated ability to identify repeatable operational work and implement automation using scripting, APIs, workflows, or infrastructure-as-code concepts. Experience developing endpoint security metrics, dashboards, compliance reports, exception tracking, or control effectiveness reporting. Effective communication and collaboration skills with the ability to work across technical and non-technical stakeholder groups. Preferred Qualifications Relevant certifications such as CrowdStrike Certified Falcon Administrator, GIAC, CISSP, Microsoft Security certifications, Azure Security Engineer Associate, or CyberArk/BeyondTrust platform certifications. Experience with PowerShell, Python, REST APIs, Microsoft Graph API, workflow automation, or configuration-as-code approaches. Experience with Microsoft Graph API, SharePoint Online Management Shell, Exchange Online PowerShell, Teams administration, or Microsoft 365 security and compliance automation. Experience integrating endpoint security telemetry with corporate SIEM, SOAR, XDR, case management, vulnerability management, or data analytics ecosystems. Experience implementing or supporting Microsoft 365 data protection capabilities such as sensitivity labels, DLP, retention policies, eDiscovery workflows, audit logging, Safe Links, Safe Attachments, and collaboration security reporting. Experience supporting endpoint security controls in regulated, audit-driven, or financial-services environments. Familiarity with Zero Trust security principles, identity-based access control, device posture, conditional access, and secure access service edge concepts. Leadership Qualifications Strong sense of ownership, accountability, and attention to detail. Ability to lead through influence, establish technical direction, and drive execution across cross-functional teams without direct reporting authority. Proven ability to develop structured processes that improve consistency, scalability, auditability, measurability, and operational efficiency. Ability to manage competing priorities and deliver reliable outcomes in a dynamic enterprise environment. Strong technical judgment and ability to balance security risk, operational stability, user experience, and business impact. Strong communication skills for bridging technical and business perspectives, including the ability to present risks, tradeoffs, and recommendations to leadership. Curiosity and growth mindset, with the ability to adapt to evolving endpoint, cloud, identity, AI, and threat landscapes. Education Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Engineering, or a related field preferred. Equivalent hands-on technical experience, relevant cybersecurity training, or nontraditional educational paths will also be considered. Reporting Relationships Principal, Cybersecurity Platform Engineering Compensation The anticipated base salary range for this position is listed below. Total compensation may also include a discretionary performance-based bonus. Note, the range takes into account a broad spectrum of qualifications, including, but not limited to, years of relevant work experience, education, and other relevant qualifications specific to the role. $240,000 - $270,000 The firm also offers robust Benefits offerings. Ares U.S. Core Benefits include Comprehensive Medical/Rx, Dental and Vision plans; 401(k) program with company match; Flexible Savings Accounts (FSA); Healthcare Savings Accounts (HSA) with company contribution; Basic and Voluntary Life Insurance; Long-Term Disability (LTD) and Short-Term Disability (STD) insurance; Employee Assistance Program (EAP), and Commuter Benefits plan for parking and transit. Ares offers a number of additional benefits including access to a world-class medical advisory team, a mental health app that includes coaching, therapy and psychiatry, a mindfulness and wellbeing app, financial wellness benefit that includes access to a financial advisor, new parent leave, reproductive and adoption assistance, emergency backup care, matching gift program, education sponsorship program, and much more. There is no set deadline to apply for this job opportunity. Applications will be accepted on an ongoing basis until the search is no longer active. Ares Management Corporation (NYSE: ARES) is a leading global alternative investment manager offering clients complementary primary and secondary investment solutions across the credit, real estate, private equity and infrastructure asset classes. We seek to provide flexible capital to support businesses and create value for our stakeholders and within our communities. By collaborating across our investment groups, we aim to generate consistent and attractive investment returns throughout market cycles. As of March 31, 2026, Ares Management's global platform had approximately $644 billion of assets under management(1) with more than 4,400 employees operating across North America, South America, Europe, Asia Pacific and the Middle East. For more information, please visit Ares Management LLC (together with its related operating and administrative subsidiaries, “Ares Management”) is an Equal Employment Opportunity employer and considers all applicants for employment without regard to race, color, religion, ethnicity, creed, sex, age, national origin, alienage or citizenship status, disability, medical condition, pregnancy, marital status, partnership status, sexual orientation, status regarding public assistance, military or veteran status, domestic violence victim status, gender identity and expression, transgender status, genetic information, status as unemployed, political affiliation or any other characteristic protected by federal, state or local law. Ares Management will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the Fair Chance Initiative for Hiring Ordinance. (1) As of March 31, 2026. AUM amounts include funds managed by Ivy Hill Asset Management, LP., a wholly owned portfolio company of Ares Capital Corporation and registered investment adviser.

Vacancy posted 15 hours ago
Similar jobs that could be interesting for youBased on the EndPoint Security Engineer in Los Angeles, CA vacancy
  •  ...Network Security Engineer Downey, CA 12+ months Must be strong in CLI, ACI, AWS, Azure, Oracle Skills Required: Security Engineers will possess knowledge and experience in safeguarding sensitive data from cyber-attacks. Must have a minimum of ten (10)... 
    Suggested
    Flexible hours

    West Advanced Technologies

    Downey, CA
    2 days ago
  •  ...Graduation from an accredited four-year college or university with major coursework in cybersecurity, information technology security, computer engineering, computer information systems, computer science, management information systems or a related field. Full-time... 
    Suggested
    Full time
    Work experience placement
    Remote work

    RIT Solutions

    Glendale, CA
    2 days ago
  • $140k - $200k

     ...Solutions in 2025, and is now part of its ecosystem of safety and security technologies. With deep roots in DARPA research,...  ...OPPORTUNITY Silvus is seeking a full-time Senior Defensive Security Engineer - Embedded Systems that will report to the Director of... 
    Suggested
    Permanent employment
    Full time
    Relocation
    3 days per week

    Motorola Solutions

    Los Angeles, CA
    1 day ago
  • $160k - $215k

     ...us create it. Who you are Metropolis is seeking a Senior Security Engineer to establish and lead a dedicated infrastructure and network...  ...visibility and monitoring Manage identity, access, endpoint, and server security platforms across the enterprise Develop... 
    Suggested
    Temporary work
    Work at office
    Local area
    Remote work

    Metropolis

    Los Angeles, CA
    1 day ago
  • $99k - $232k

     ...work to identify vulnerabilities, develop secure systems, and provide proactive solutions...  ...in network security, cybersecurity engineering, or security consulting, including practical...  ...such as firewalls, IDS/IPS, SIEM, endpoint security, and cloud security solutions... 
    Suggested
    Full time
    H1b

    PwC

    Los Angeles, CA
    1 day ago
  • $105k - $150k

     ...help us create it. Who you are Metropolis is seeking a Security Engineer II to join our Information Security team and protect company...  ...enterprise security technologies ~ Demonstrate understanding of endpoint, network, identity, vulnerability, incident, and cloud... 
    Temporary work
    Work at office
    Local area

    Metropolis

    Los Angeles, CA
    21 days ago
  • $145k - $210k

     ...Senior Cyber Security Engineer Cooley is seeking a Senior Cyber Security Engineer to join the Security team. Position summary: Cooley...  ...~ Intrusion Detection and Prevention Systems ~ Endpoint Detection and Response (EDR) and management console ~ Web... 
    Full time
    Temporary work
    Work at office
    Flexible hours
    Weekend work

    Cooley

    Santa Monica, CA
    4 days ago
  • $140k - $150k

     ...meet the critical needs in the homeland security, healthcare, defense, and aerospace industries...  ...Systems is seeking a Sr. Cybersecurity Engineer to be based in our Hawthorne, CA office....  ...of network, systems, data and endpoints in a multi-cloud environment, to help mitigate... 
    Full time
    Work experience placement
    Work at office
    Flexible hours

    OSI Systems

    Hawthorne, CA
    3 days ago
  • $120k - $175k

     ...Technology Cyber Security Architect Cooley is seeking a Cyber Security Architect to join...  ...technology changes Partner with engineering, infrastructure, DevOps, and data teams...  ...access management (IAM), encryption, and endpoint security ~ Ability to translate business... 
    Full time
    Temporary work
    Work at office
    Flexible hours
    Weekend work

    Cooley

    Los Angeles, CA
    8 days ago
  •  ...our mission of providing humankind access to the galaxy beyond our planet. About the Role We are seeking a Cloud Security Engineer to design, implement, maintain, and optimize secure cloud environments supporting U.S. government, DoD, and intelligence... 
    Full time
    Work at office

    Apex

    Los Angeles, CA
    4 days ago
  •  ...solutions, tested leadership, and trusted results to enable national security missions worldwide. Job Description This position is...  ...upon award of contract SOSi is seeking a Cloud Security Engineer to support mission requirements for a structured approach to further... 
    Full time
    Contract work
    Remote work
    Worldwide

    SOS International LLC

    Los Angeles, CA
    5 days ago
  • $160k - $220k

     ...reach further. Overview As the bank continues to grow and expand its use of cloud technologies, we are seeking a  Cloud Security Engineer  to support the secure design, implementation, and operation of our cloud environments. This role is hands-on and execution-focused... 

    Unavailable

    San Marino, CA
    1 day ago
  •  ...teammates, you'll feel right at home at DISQO. DISQO is hiring a Senior Security Engineer to take definitive ownership of our comprehensive security posture, encompassing both AWS cloud and endpoint security. This critical role leads day-to-day security operations... 
    Full time
    Contract work
    Local area
    Flexible hours

    DISQO

    Los Angeles, CA
    16 days ago
  •  ...Perform penetration tests against external networks, internal networks, web applications, mobile applications, social engineering, phishing, physical security, wireless networks, and more to identify exploits and vulnerabilities Create and deliver findings and/or... 
    Work experience placement

    WATI

    Los Angeles, CA
    4 days ago
  • $165k - $190k

     ...Senior Application Security Engineer Tatari is on a mission to revolutionize TV advertising. Founded in 2016 to help transform the antiquated world of TV advertising through the intelligent application of AI and machine learning, Tatari helps some of the world's fastest... 
    Work at office
    2 days per week

    Tatari

    Los Angeles, CA
    23 hours ago
  •  ...private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work...  ...’re looking for: We are seeking an Application Security Engineer with expertise in Static and Dynamic Application Security... 
    Contract work
    Remote work

    GrabJobs

    Glendale, CA
    4 days ago
  •  ...Dormont Manufacturing Co is seeking an experienced Network Engineer based in Los Angeles, California. The role involves evaluating, enhancing...  ...Bachelor’s degree in a related field, experience with network security, and strong troubleshooting skills. Benefits include health,... 
    Flexible hours

    Dormont Manufacturing Company

    Los Angeles, CA
    6 hours ago
  • $102.17k

     ...clients across the country. Job Description Join the Trinnex Security Team as a Senior Cyber Security Analyst, where you will operate...  ...resilient against evolving threats. You will work closely with engineering and development teams to safeguard systems that communities... 
    H1b

    CDM Smith

    Los Angeles, CA
    1 day ago
  •  ...Trinnex is looking for a Senior Cyber Security Analyst in Los Angeles to secure critical software systems supporting water utilities...  ...monitoring, vulnerability assessments, and collaboration with engineering teams to enhance security posture. The ideal candidate will have... 

    Trinnex

    Los Angeles, CA
    3 days ago
  • $90k - $100k

     ...OPPORTUNITY The Network Engineer plays a critical role in building and maintaining a secure, reliable, and scalable technology infrastructure that supports teaching...  ...and SolarWinds. Support connectivity of servers, endpoints, classroom technologies, web filters, VoIP... 

    Green Dot Public Schools California

    Los Angeles, CA
    2 days ago
  • $90k - $100k

     ...Network Engineer page is loaded## Network Engineerlocations: Green Dot California Central...  ...critical role in building and maintaining a secure, reliable, and scalable technology...  ...connectivity and integration of servers, endpoints, classroom technologies, web filters, VoIP... 
    Contract work
    Work at office
    Visa sponsorship
    Work visa

    Green Dot

    Los Angeles, CA
    2 days ago
  •  ...Cyber Security Engineer Location: Rosemead, CA and Multiple locations candidate's must be able to travel. Duration: 12+ Months Cyber security engineer will gather technical and procedural information, deploys necessary tools to test and validate IT infrastructure, identifies... 

    Staffing the Universe

    Rosemead, CA
    4 days ago
  • $95.86k - $208.27k

     ...hacking certifications not required but preferred; GIAC Web Application Penetration Tester (GWAPT), Council for Registered Ethical Security Testers (CREST), Offensive Security Web Expert (OSWE), Offensive Security Web Assessor (OSWA) Ability to travel as required... 
    H1b
    Local area

    KPMG

    Los Angeles, CA
    3 days ago
  • $170.6k - $390k

     ...the best place in the world to grow your career in information security! The opportunity The Senior Network Security Architect...  ...Join our dynamic team as a Senior Manager in Cybersecurity Engineering, where you will play a pivotal role in developing, managing, and... 
    Summer holiday
    Remote work
    Flexible hours

    EY

    Los Angeles, CA
    4 days ago
  • $162k - $219k

     ...Summary The Forward Deployed Engineer owns the technical implementation of complex integration workflows - the builds that go beyond...  ...documentation. Build custom n8n flows, direct API integrations, webhook endpoints, and middleware configurations for accounts that fall outside... 
    Remote work
    Work from home

    GrabJobs

    Glendale, CA
    23 hours ago
  • $95k - $105k

     ...is looking for a Cybersecurity Analyst to join our Safety and Security team. This person will work directly with our client, who is located...  ...within the functional area. Builds relationships with engineers, stakeholders, and security champions, to incorporate security... 
    Full time
    Local area
    Remote work

    Gannett Fleming

    Los Angeles, CA
    2 days ago
  •  ...Cybersecurity Engineer The Cybersecurity Engineer is responsible for implementing, maintaining...  ...to identify vulnerabilities, monitor security events, respond to threats, and...  ...at all times. Assist in maintaining endpoint security, network security, and cloud security... 

    Los Angeles Times

    Los Angeles, CA
    3 days ago
  • $120k - $130k

     ...Modern Workplace Engineer The Modern Workplace Engineer is responsible for designing, implementing, and supporting a secure, cloud-first end-user computing environment built on Microsoft...  ...-party applications. Implement endpoint security baselines, support Defender... 
    Flexible hours

    Womble Bond Dickinson LLP

    Glendale, CA
    23 hours ago
  •  ...Physical Access Control Systems Video Management Systems Virtualization and Infrastructure (Vmware, Virtual Switches) Endpoint Credential Management Privileged Access Management Cybersecurity Incident Response Plan/ Program Threat Detection and Vulnerability... 

    RIT Solutions

    Glendale, CA
    4 days ago
  • $251k - $377k

     ...addition to Bitmoji, Saturn, and other digital services. Snap Security teams protect the trust and safety of our global community by...  ...execute with privacy at the forefront. We're looking for a Security Engineering Manager to join the InfoSec org! What you’ll do: Design and... 
    Full time
    Live in
    Work at office
    Local area

    Snap Inc.

    Santa Monica, CA
    4 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to EndPoint Security Engineer. Be the first to apply!