Technology Services Engineer - Endpoint Protection
Softrim - Atlanta, GA
Job Description
Job Summary:
The Endpoint Protection Technology Services Engineer at Softrim will own endpoint security and patch compliance across our MSP client environments. You will plan, test, deploy, and monitor OS/app updates; deploy, manage, and tune EDR/XDR; validate vulnerability findings; and lead/execute incident response playbooks for malware, ransomware, and insider risks. The role blends hands-on tooling, automation, and client-facing communication to measurably raise security posture and maintain compliance.

Responsibilities:
· Patch management at scale: Build ringed deployment strategies, pilots, and phased rollouts; schedule maintenance windows; handle approvals/rollback; track patch compliance SLAs across Windows (and macOS where applicable) via various ITSM tools.
· Application & driver updates: Package, test, and deploy third-party updates (e.g., browsers, runtimes); manage supersedence and compatibility issues.
· EDR/XDR operations: Deploy and maintain EDR/XDR; configure policies, prevention/visibility settings, exclusions, device control, and rules; monitor detections and contain/isolate endpoints.
· Threat hunting & investigations: Use ITSM tools (Advanced Hunting / KQL) to identify IOCs, suspicious behaviors, lateral movement, and persistence; document findings and recommendations.
· Incident response: Execute playbooks (triage → containment → eradication → recovery); coordinate with clients and internal teams; produce RCAs and hardening actions post-incident.
· Vulnerability management: Validate scan results from ITSM tools; prioritize by CVSS/exploitability, assign owners, track remediation/exception justifications, and report aging.
· Endpoint hardening: Apply baselines (CIS-aligned where applicable), BitLocker, local admin control, Credential Guard/LSA protections, firewall policies, Wi-Fi/proxy/SSL inspection considerations.
· Automation & reporting: Script with PowerShell and APIs/Graph to automate deployments, compliance checks, evidence packs, and exceptions; publish dashboards (compliance %, MTTP, EDR coverage, vuln aging).
· Change & documentation: Follow CAB/change control; maintain runbooks, SOPs, and client security review decks; ensure ticket/time-entry hygiene in PSA.
· Client communication: Lead security check-ins/QBRs, advise on risk and prioritization, and translate technical outcomes into business impact and next steps.

Qualifications:
· 3+ years in an MSP or multi-tenant environment focused on endpoint security and patch management.
· Hands-on expertise with device management tools.
· Operational experience with EDR/XDR and vulnerability tools for endpoints, including policy tuning, incident handling, and containment.
· Intermediate PowerShell for automation and reporting.
· Solid fundamentals in Windows endpoint administration, AD/Entra device compliance, networking basics, and change management.
· Clear, concise communication: comfortable leading client-facing security reviews and incident updates.

Work Location: 100% in-office.

Employment Terms: Full-time, In-office, Exempt, Salary. Eligible for benefits (medical, dental, vision, life, AD&D, disability) and 401(k) after introductory period. Typical business hours are from 8:00 a.m. until 5:00 p.m., Monday through Friday, excluding company-observed holidays.
Created: 2026-05-16