Sign upLog in

End-Point Protection Engineer-4

PEAK Technical Staffing

Washington, DC

Apply
JOB DETAILS
SALARY
$50–$60.56 Per Hour
SKILLS
Americans with Disabilities Act (ADA), Antivirus, Artificial Intelligence (AI), Automation, Best Practices, CISSP - Certified Information Systems Security Professional, Change Control, Computer Science, Computer Security, Continuous Improvement, Contract Requirements, Corrective Action, Documentation, Endpoint Security, Enterprise Endpoint, Enterprise Protection, Establish Priorities, FISMA - Federal Information Security Management Act, Federal Government, Flexible Spending Accounts, Incident Response, Information Technology & Information Systems, Internet Security, Lift/Move 25 Pounds, Mac Operating System, Machine Tool, Metrics, Microsoft Product Family, Microsoft Windows Operating System, Mobile Devices, On Call, Operational Audit, Operational Support, Process Improvement, Production Control, Reporting Dashboards, Risk, Risk Analysis, SEC Filings, Scripting (Scripting Languages), Securities and Exchange Commission (SEC), Security Analysis, Security Architecture, Security Auditing, Security Monitoring, Software Patches, Standard Operating Procedures (SOP), Team Lead/Manager, Technical Leadership, Technical Support, Telemetry, U.S. National Institute of Standards and Technology (NIST), Willing to Travel, iOS
LOCATION
Washington, DC
POSTED
Today

#Eng-IT-01

Position Summary

The End-Point Protection Engineer-4 provides senior engineering support for enterprise endpoint security across the SEC ISS contract environment. This role designs, implements, and sustains endpoint protection capabilities for Windows, macOS, and iOS endpoints, including workstation and server environments, while enforcing SEC security baselines and federal cybersecurity requirements. The engineer leads vulnerability remediation, patch and supersedence execution, and POA&M closure activities to maintain security posture and audit readiness. The position also drives operational visibility through automation, documentation, and transparent reporting to SEC stakeholders.

Primary Responsibilities

  • Endpoint Security Engineering & Baseline Management
    • Architect, implement, and maintain enterprise endpoint protection strategies across Windows, macOS, iOS, workstation, and server platforms.
    • Define, enforce, and continuously improve endpoint security baselines using Microsoft Defender for Endpoint and Microsoft Intune.
    • Lead deployment and configuration of antivirus and endpoint protection tooling, including policy tuning, signature/DAT update management, and scheduled scans.
    • Validate new endpoint security configurations in controlled environments before production rollout.
  • Vulnerability, Patching & POA&M Execution
    • Own endpoint patching strategy and execution across managed endpoint environments, including supersedence management.
    • Monitor vulnerability findings, assess risk and severity, and coordinate remediation with technical teams and system owners.
    • Lead development, tracking, and closure of endpoint POA&Ms with clear milestones and risk-based prioritization.
    • Ensure remediation and patch activities support ongoing compliance objectives and audit readiness.
  • Threat Monitoring, Incident Response & Reporting
    • Monitor endpoint security telemetry and respond to endpoint-specific threats, suspicious activity, and policy non-compliance.
    • Serve as an escalation point for complex endpoint incidents and coordinate with SOC and incident response stakeholders for broader investigations.
    • Create and maintain automation scripts and reporting workflows for endpoint compliance, vulnerability status, and remediation tracking.
    • Maintain accurate SOPs, runbooks, and status reporting to support governance, audit response, and service transparency.
  • Stakeholder Coordination & Technical Leadership
    • Collaborate with federal stakeholders, ISS teams, and partner vendors to validate endpoint security posture and operational readiness.
    • Provide senior technical guidance to engineering and operations teams on endpoint security architecture and best practices.
    • Support audit remediation activities (e.g., FISMA, IG, GAO) by preparing evidence and tracking corrective actions.
    • Drive continuous improvement initiatives that increase automation, resilience, and efficiency of endpoint security operations.

Required Qualifications

  • Citizenship/Work Authorization: Must meet contract requirements.
  • Clearance: Ability to obtain and maintain SEC Public Trust (or higher if required).
  • Education: Bachelor's in a relevant field (e.g., Information Technology, Computer Science, Engineering).
  • Experience:
    • 8 years of experience in enterprise endpoint security engineering in large, regulated environments.
    • Advanced experience designing, implementing, and managing Microsoft Defender for Endpoint and Intune security baselines.
    • Hands-on experience in vulnerability management, endpoint patching strategies, supersedence processes, and POA&M resolution.
    • Experience documenting SOPs/runbooks and providing compliance-focused reporting to federal stakeholders.
  • Technical Skills:
    • Microsoft Defender for Endpoint
    • Microsoft Intune endpoint and mobile device security baseline management
    • Endpoint vulnerability assessment, remediation coordination, and POA&M tracking
    • Enterprise endpoint patching and supersedence management
    • Antivirus/endpoint protection deployment, signature/DAT update operations, and scheduled scan management
    • Endpoint threat triage, escalation, and response coordination
    • Automation scripting for reporting and remediation
    • Process documentation, status reporting, and compliance evidence support

Preferred Qualifications

  • Experience supporting federal IT operations under FISMA and NIST-aligned controls.
  • Experience implementing endpoint compliance enforcement at enterprise scale across distributed/remote workforces.
  • Experience integrating endpoint tooling and metrics into enterprise dashboards and executive reporting.
  • Demonstrated success leading cross-team remediation efforts for audit findings and complex security incidents.
  • Prior experience supporting SEC or similarly regulated federal civilian agency environments.
  • Microsoft SC-200 (Security Operations Analyst)
  • Microsoft MD-102 (Endpoint Administrator)
  • CISSP

Work Environment / Other

  • Operational Support: May require participation in on-call or surge support activities depending on operational needs.
  • Location: Telework
  • Travel: As required per contract direction.
Benefits PEAK's benefit offerings available for our associates include medical, dental, vision, Flexible Spending Account (FSA), Dependent Care Savings Account (DCA), and 401K plan.PEAK believes that taking care of our team is essential for success and we are proud to provide benefits that enhance both your well-being and your future. Additionally, our associates may be eligible for Paid Sick Leave as required by Federal, State, or local laws. Equal Opportunity Employer (EEO) PEAK Technical Staffing is committed to creating a diverse and inclusive environment and is proud to be an Equal Opportunity Employer. PEAK does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status, or any other characteristic protected by applicable law. All employment decisions are made based on qualifications, merit, and business need. We encourage all individuals to apply. Americans Disabilities Act (ADA) The physical and mental requirements described in this job description are representative of those that must be met by an employee to successfully perform the essential functions of the position. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions.Must be able to perform the essential physical functions of the position, including sitting, standing, walking, stooping, kneeling, andlifting upto 25 pounds, with or without reasonable accommodation. Candidate Privacy To read our Candidate Privacy Information Statement, which explains how we will use your information, please navigate to https://peaktechnical.com/privacy-policy/and https://peaktechnical.com/ca-residents-privacy-rights/ AI Recruiting Disclosure We use AI-assisted tools to help review applications and compare your experience to job requirements, but all hiring decisions are made by human recruiters. You may request a human-only process or opt out of automated communication at any time. Required notices and our latest bias audit are available on our website: www.peaktechnical.com/ai-disclosure.

About the Company

P

PEAK Technical Staffing

For over 50 years, PEAK has excelled in providing comprehensive staffing and workforce solutions. We go beyond traditional staffing to offer a holistic, on-demand workforce model, addressing every facet of your workforce needs.

COMPANY SIZE
500 to 999 employees
INDUSTRY
Staffing/Employment Agencies
FOUNDED
1968
WEBSITE
http://www.peaktechnical.com

Resume Resources

Free Resume TemplatesFree Resume Builder