Endpoint Security Specialist

Role: Endpoint Security Specialist
Job Type: Contract
Location: Toronto, ON or Chicago, IL (Hybrid)
Estimated Duration: 6 Months

Job Description:
The Endpoint Security Specialist will be responsible for designing, implementing, and maintaining endpoint protection capabilities across non-production and production environments. This includes all laptops, desktops, servers, and ATMs. The role ensures compliance with cybersecurity standards, protects against advanced threats, and supports incident detection and response. The specialist will collaborate with internal stakeholders and external vendors to drive integration, automation, and incident management while maintaining system performance and optimizing resource usage.
The role requires a solid background in endpoint security tools, IT operations, and compliance standards, ensuring that the solutions align with the organization’s compliance requirements and security best practices. This role requires on-site work at one of the following locations:

Key Accountabilities:
1. Endpoint Security Engineering & Operations

• Design and implement endpoint security controls such as microsegmentation, antivirus, EDR, application control, encryption
• Ensure endpoint security technologies are deployed, maintained, and functioning effectively
• Support configuration, testing, and ongoing optimization of endpoint protection platforms
• Monitor agent health and endpoint compliance across the environment

2. Security Control Governance

• Define and maintain endpoint security control requirements aligned to enterprise standards
• Ensure security controls are integrated into system builds and technology designs
• Evaluate and recommend controls based on regulatory, legal, and risk considerations

3. Threat Detection & Incident Response

• Support incident response activities
• Collaborate as needed with Security Operations to triage and respond to threats
• Create queries and dashboards to assist with incidents

4. Stakeholder Collaboration

• Partner with infrastructure, platform, and application teams to ensure endpoint protections are implemented
• Assist technology teams in remediating unprotected or non-compliant systems
• Provide guidance and support to lines of business for endpoint security adoption

5. Continuous Improvement & Reporting

• Develop operating procedures and documentation for endpoint security tools
• Support reporting on endpoint security posture and compliance metrics
• Drive improvements in detection, prevention, and response capabilities

6. System Optimization and Performance Management

• Monitor agent and system performance, ensuring optimal use of CPU, memory, and network bandwidth as per best practices
• Tune configuration profiles to minimize performance impact on production environments
• Investigate and resolve incidents related to system performance issues that may be caused by endpoint security tooling

7. Integration and Automation

• Integrate endpoint security tools with ServiceNow to automate alert handling
• Leverage APIs to automate operations and streamline processes where applicable
• Maintain communication with vendors to resolve technical issues and ensure the platform operates effectively

8. Agent Lifecycle Management

• Oversee the entire lifecycle of agents, from installation to upgrades and eventual decommissioning
• Develop procedures for seamless handover from legacy solutions to modern tools
• Ensure all monitored assets remain up-to-date with appropriate policies and tags

9. Stakeholder Collaboration and Communication

• Act as a point of contact for internal teams and vendors concerning endpoint security solutions
• Provide training and documentation to stakeholders on tool usage, incident response, and report interpretation
• Offer regular updates on the status of endpoint security solutions, including incident metrics and compliance trends

Qualifications:
Required:

• 2+ years of experience in security engineering or operations, security monitoring, or IT operations or engineering
• Strong experience with endpoint operating system platforms (Windows, Mac, Linux)
• Experience with at least one of the following endpoint security tools:
  • Microsegmentation solutions such as Illumio or Akamai Guardicore
  • Antivirus/EDR solutions such as CrowdStrike Falcon
  • Application Control and Privilege Management solutions such as BeyondTrust Endpoint Privilege Management
  • File Integrity Monitoring (FIM) solutions such as Qualys FIM
• Strong collaboration, communication, and problem-solving skills

Preferred:

• Experience in large enterprise environments
• Familiarity with cloud hosting technologies in AWS and Azure
• Experience with ServiceNow or similar IT service management platforms
• Familiarity with compliance frameworks (PCI-DSS, SOX, GDPR) and security best practices
• Proven ability to manage system performance and optimize resource usage in complex IT environments
• Scripting/automation skills (PowerShell or Python)
• Experience with creating API-based integrations
• Cybersecurity certification (such as Security+)
• Bachelor’s degree in Information Technology, Computer Science, or a related field

Core Competencies:

• Analytical Skills: Ability to analyze large datasets, identify trends, and develop actionable insights
• Communication: Excellent verbal and written communication skills to engage with stakeholders at all levels
• Collaboration: Demonstrated ability to work across functional teams and manage vendor relationships
• Adaptability: Flexibility to respond to changing requirements and evolving technologies
• Technical Expertise: In-depth knowledge of security tools, system monitoring, and compliance processes
• Growth Mindset: Places an emphasis on continuous learning, adaptability, and embracing challenges