Infrastructure Engineer - Security Architecture

Bloomberg LP

NY

JOB DETAILS
SALARY
$130,000–$225,000 Per Year
SKILLS
Ansible, Antivirus, Application Programming Interface (API), Authentication, Automation, Bash Scripting, Communication Skills, Computer Security, Continuous Deployment/Delivery, Continuous Integration, Endpoint Security, Enterprise Endpoint, Genetics, Git, Identify Issues, Incident Response, Linux Operating System, Mac Operating System, Medical Conditions, Metrics, Microsoft Product Family, Microsoft Windows Operating System, Object Oriented Programming (OOP) Languages, Operational Measurement, Performance Analysis, Podcasting, Presentation/Verbal Skills, Production Control, Production Support, Production Systems, Protective Services, Public/Media/Press/Analyst Relations, Python Programming/Scripting Language, REST (Representational State Transfer), Reporting Dashboards, Safety/Work Safety, Security Architecture, Software Development Lifecycle (SDLC), Software as a Service (SaaS), Source Code/Configuration Management (SCM), Systems Administration/Management, Technical Leadership, Technical Writing, Technical/Engineering Design, Telemetry, Test Automation, Test Plan/Schedule, Windows PowerShell, Writing Skills
LOCATION
NY
POSTED
30+ days ago

Infrastructure Engineer - Security Architecture - 18781 - Bloomberg

Skip to content

Bloomberg

  • Our Company
  • Events
  • Search Jobs
  • Login

Infrastructure Engineer - Security Architecture

Location

New York

Business Area

Engineering and CTO

Ref #

10050604

Description & Requirements

Our Team:

The Global Corporate Technology Group is responsible for designing, deploying, and supporting Bloomberg's enterprise technology systems used by employees across our global environment. Within that organization, the Security Architecture team engineers and operates endpoint security services used across the corporate environment.

Our team owns the design, build, deployment, integration, and support of endpoint security technologies across Windows and macOS. Linux support is expected to grow over time. We support Enterprise Endpoint Detection and Response (EDR) and Antivirus (AV) products including Carbon Black and CrowdStrike, Endpoint Privilege Management (EPM), and the integrations needed to connect these services with internal identity, logging, and software deployment systems.

We are responsible for agent deployment, approved control rollout, version upgrades, automation, staged release, rollback planning, health monitoring, and production support. Endpoint stability and performance are a priority for the team. We work closely with internal Corporate Technology teams including Endpoint User Compute, Chief Technology Office (CTO), RISK, Technology Vulnerability Management (TVM), and the Computer Incident Response Team (CIRT) and Security Operations Center (SOC), but our focus is engineering, integration, and service ownership.

The Role:

As an Infrastructure Engineer, you will build, automate, deploy, and operate endpoint security services at scale. This is an engineering role focused on automation, integrations, and production ownership, not a click-ops administration role. You will take business and security requirements and turn them into technical designs, rollout plans, implementation tasks, test plans, runbooks, and support procedures, then execute those plans in production.

The work is centered on endpoint technologies. That includes automating configuration changes through vendor Application Programming Interfaces (APIs), staging rollouts through identity and device targeting, collecting agent and console logs into internal systems, and managing upgrades with clear validation and rollback. Endpoint performance, user impact, and service health must be considered in every change.

This role requires strong infrastructure engineering fundamentals, experience operating at enterprise scale, and the ability to apply a modern Software Development Life Cycle (SDLC) to endpoint security services.

We'll trust you to

  • Take business and security requirements and turn them into technical designs, rollout plans, implementation tasks, test plans, runbooks, and support models, then execute those plans in production
  • Design, implement, and operate endpoint security services across Carbon Black, CrowdStrike, CyberArk Endpoint Privilege Management (EPM), Sysmon, and related internal integrations
  • Build and maintain automation using Python, PowerShell, Bash, Ansible, Terraform, and vendor or internal Application Programming Interface (API) integrations to provision, configure, validate, upgrade, and troubleshoot endpoint agents at scale
  • Build and manage Git based workflows and Continuous Integration and Continuous Delivery (CI/CD) pipelines for endpoint service configuration and automation, including Pull Request (PR) review, automated validation, staged promotion, rollback, and controlled release practices
  • Plan and execute agent deployments, upgrades, and approved control rollout with clear validation around endpoint performance, user impact, service health, and rollback safety
  • Build observability for the services you own, including health checks, dashboards, alerting, telemetry validation, and operational reporting, with an understanding of Service Level Objectives (SLOs) and Service Level Indicators (SLIs)
  • Troubleshoot and restore service issues involving authentication, networking, proxies, certificates, endpoint agents, logging pipelines, and Software as a Service (SaaS) to on premise integrations, while partnering with internal teams and vendors to drive long term fixes

You'll need to have

  • 4+ years of experience engineering and operating enterprise infrastructure or endpoint security services in production at scale across Software as a Service (SaaS) and on premise environments
  • Experience in Python or another object oriented language, plus PowerShell or Bash for operational automation
  • Experience building tools and integrations using Representational State Transfer (REST) APIs and working with enterprise infrastructure services and vendor technologies
  • Experience with Infrastructure as Code (IaC) and orchestration frameworks such as Terraform, Ansible, or similar tools
  • Strong familiarity with Git workflows, Pull Request (PR) review, automated testing, and Continuous Integration and Continuous Delivery (CI/CD) pipelines
  • Strong troubleshooting skills across authentication and authorization flows, enterprise networking, proxy constrained environments, certificates, endpoint agents, and distributed dependencies
  • Experience building and operating observability for enterprise services, including health metrics, dashboards, alerting, telemetry checks, and operational measurements tied to SLOs and SLIs
  • The ability to take ownership of issues end to end, create clear technical documentation from requirements, and drive work through implementation, validation, and support

We'd love to see

  • Experience with one or more of the following technologies: Carbon Black, CrowdStrike, CyberArk Endpoint Privilege Management (EPM), Microsoft Entra, or Sysmon
  • Experience managing endpoint agent lifecycle activities at scale, including deployment, approved control rollout, health validation, upgrades, rollback, and performance monitoring
  • Experience integrating SaaS endpoint services with internal identity, logging, or software deployment systems
  • Experience building drift detection, closed loop validation, or self-healing automation for endpoint services
  • Strong written and verbal communication skills and the ability to work independently in a production engineering environment

Salary Range = 130000 - 225000 USD Annually + Benefits + Bonus

The referenced salary range is based on the Company's good faith belief at the time of posting. Actual compensation may vary based on factors such as geographic location, work experience, market conditions, education/training and skill level.

We offer one of the most comprehensive and generous benefits plans available and offer a range of total rewards that may include merit increases, incentive compensation (exempt roles only), paid holidays, paid time off, medical, dental, vision, short and long term disability benefits, 401(k) +match, life insurance, and various wellness programs, among others. The Company does not provide benefits directly to contingent workers/contractors and interns.

Discover what makes Bloomberg unique - watch our podcast series for an inside look at our culture, values, and the people behind our success.

Apply Now

  • Back to Job Search

Apply Now Save this Job

Accommodations

Bloomberg provides reasonable adjustment/accommodation to individuals with disabilities. Please tell us if you require a reasonable adjustment/accommodation to apply for a job. Examples of reasonable adjustment/accommodation include but are not limited to making a change to the application process or work procedures, providing documents in an alternate format or using specialized equipment. To request an adjustment/accommodation to apply for a job, please email AMER_recruit@bloomberg.net (Americas), EMEA_recruit@bloomberg.net (Europe, the Middle East and Africa), or APAC_recruit@bloomberg.net (Asia-Pacific), based on the region you are submitting an application for. We may share your information with a third party provider of accommodations services who may use this information to reach out to you for the purposes of accommodating your application.

Equal Opportunity

Bloomberg is an equal opportunity employer and prohibits discrimination in employment. It is Bloomberg's policy to provide equal opportunity and access for all persons, and the Company is committed to attracting, retaining, developing, and promoting the most qualified individuals without regard to age, ancestry, color, gender identity or expression, genetic predisposition or carrier status, marital status, national or ethnic origin, race, religion or belief, sex, sexual orientation, self-identified or perceived sex, sexual and other reproductive health decisions, parental or caring status, physical or mental disability, pregnancy, childbirth or related medical conditions, or parental leave, protected veteran status, status as a victim of domestic violence, or any other classification protected by applicable law (each, a "Protected Characteristic"). Bloomberg prohibits treating applicants or employees less favorably in connection with the terms and conditions of employment, in all phases of the employment process, because of one or more Protected Characteristics.

2026 Bloomberg Finance L.P. All rights reserved.

Privacy | Legal | Accommodations & EEO Policy | Additional Policies | Cookie Preferences

About the Company

B

Bloomberg LP