Cybersecurity Endpoint Engineer II

The Cybersecurity Endpoint Engineer is responsible for ensuring the security of all devices connected to the network. The ideal candidate would have extensive knowledge of host operating systems, including profound grasp of their functions and security controls. The engineer is responsible for reviewing and testing current operating system configurations to develop strategies to mitigate risks and strengthen the overall security posture of the organization. Maintain and enforce endpoint security policies and standards in alignment with corporate Governance, Security-Risk and Audit policies, procedures, industry regulation, best practices, and security frameworks (e.g., ISO 27001, NIST, CIS). The engineer will also support designing, implementing, and maintaining security measures to protect these endpoints from cyber threat. This function can include, but isn't limited to: Endpoint Security Engineering, File Integrity Monitoring (FIM), Antivirus (AV)/Endpoint Detection and Response (EDR), Endpoint Management, Security Automation, and mitigate exposure to cyber threats, security risks, and unauthorized access.

Position Responsibilities:
Cybersecurity Engineering

• Provide thorough analysis and suggests improvements to features of their respective platform based on business requirements and in support of project-based implementations.
• Ensure documentation is up-to-date and complete with respect to all formal processes and procedures.
• Perform escalated incident and security response support with guidance from senior staff and their Cybersecurity Engineering Manager.
• Escalate risks or control gaps to senior staff if required and drives the tactical remediation of confirmed issues.
• Support the enhancement and configuration, through a test-driven mentality, of security platforms or tools to ensure continual improvement and risk reduction.

Communication and Collaboration

• Assist senior staff in the development of, and provide feedback on risk identification, gap analysis, process documentation, and knowledge management for the Cyber Engineering teams.
• Participate in design review and enhancements of security solutions through an agile delivery method.
• Perform resource management with vendors, operations members, and management to accurately coordinate enhancements or changes.
• Collaborate with stakeholders across the business to document requirements and drive configuration changes necessary to support enhancements to Cyber Engineering services.
• Collaborate with other Engineering and Operations teams within both the Cyber and Technology organizations in Comerica to troubleshoot and respond to events, as directed by senior staff.

Administration

• Assist and mentor junior staff as needed.
• Keep management informed of status of on activities through accurate, timely, and appropriate reporting.
• Actively participate in committees representing the department and/or planning unit.
• Keep abreast of leading-edge technologies in the Cybersecurity engineering space.

Position Qualifications:

• Bachelor's Degree from an accredited university in Computer Science, Engineering or in a Technology related field OR equivalent through a combination of education and/or technology experience OR 12 years of technology experience
• 4 years of experience in relevant work within Cybersecurity Engineering or Operations
• 3 years of experience in at least one of the following domains of knowledge: Network Engineering and Security, Endpoint Security or System Hardening, SIEM or Detection Engineering, Cloud Operations or Security Engineering, Fraud Detection and Analysis
• 2 years of experience working with Architecture and Design teams to translate formal project requirements into working Enterprise systems
• 2 years of experience in host and networked based attack methodologies, threat hunting, remediation, and vulnerability assessment management
• 2 years of experience performing forensics on payloads across multiple attack vectors.
• 1 year working within an Agile team targeting an iterative release method for infrastructure and security services
• 1 year of experience working with general automation tools and processes like Python, Bash, Powershell, Git, etc.

Licenses/Certifications:

• Preferred, Security +, SSCP, or Equivalent
• Preferred, Certifications within relevant Engineering Domain: CCNA/CCNP, CompTIA
• Network+ / GDSA, GCIA, GMON, GCDA, CCSP, etc