Job Details

Job Title: Security Operations Administrator (Endpoint Security Lead)
Duration: 12 - 24 Month Project Engagement

Role Summary: The Security Operations Admin is a specialized role focused on the strategic ownership and day-to-day management of Client's endpoint security. This position is responsible for the configuration, maintenance, and enforcement of endpoint security controls across the organization.

Key Responsibilities:

• Owns Client's endpoint security tools and configurations.
• Manage vulnerability detection, prioritization, and remediation tracking in partnership with infrastructure and application teams,
• Ensures compliance with security standards ((e.g., NIST CSF 2.0, ISO 27001, NYCRR 500)and maintains the CMDB (asset management).
• Actively participates in endpoint-related incident response activities.
• Lead threat hunting, forensic investigations, and root-cause analysis to prevent recurrence of incidents.
• Continuously tunes endpoint security policies (e.g., EDR, antivirus, host-based firewalls).
• Collaborate with governance, risk, and compliance (GRC) teams to meet regulatory and framework requirements
• Provides regular reports on the health, compliance, and security posture of Client's endpoints.
• Drive continuous improvement by evaluating tools, automation, and processes to strengthen endpoint security maturity.

• Bachelor's degree in Information Technology, Computer Science, or a related field.
• 10+ years of experience in systems administration or security operations, with a focus on endpoint security.
• Deep expertise with endpoint security technologies (e.g., EDR, antivirus, host-based firewalls).
• Strong knowledge of SIEM, SOAR, EDR, IDS/IPS, and cloud monitoring tools.
• Experience with vulnerability management and asset management (CMDB).
• Relevant certifications such as Security+, CompTIA A+, or specific vendor certifications.