Sr Endpoint Security Engineer

Stefanini Group is looking for Sr Endpoint Security Engineer for a globally recognized company! For interested applicants, click the apply button or you may reach out to Alfher Hidalgo at (248) ... for faster processing. Thank you! We're looking for a Senior Endpoint Security Engineer to own and evolve our endpoint security and identity ecosystem across a modern, cloud-first environment. This is a high-impact role where you'll lead strategy and hands-on execution across: macOS endpoint management (Jamf Pro) Apple Business Manager Identity platforms (Entra ID, Okta, Google Workspace) EDR/XDR (CrowdStrike or similar, including managed SOC integrations) You'll help drive Zero Trust architecture , automate device lifecycle management, and improve enterprise security posture at scale. What You'll Do Endpoint Security (macOS-Focused) Own and manage Jamf Pro for macOS fleet (configuration, compliance, patching) Lead Apple Business Manager integration for automated device enrollment & lifecycle Implement endpoint hardening (CIS benchmarks, encryption, policy enforcement) Threat Detection & Response Deploy & optimize CrowdStrike (or equivalent EDR/XDR) Partner with MDR/MSSP providers for 24/7 threat coverage Investigate alerts, tune detections, and improve response playbooks Identity & Access (Zero Trust Enablement) Integrate and manage: Microsoft Entra ID (Azure AD) Okta (SSO, MFA, lifecycle) Google Workspace (existing identity layer) Build conditional access policies tied to device posture Enable seamless SSO and identity federation Automation & Integration Automate provisioning/deprovisioning across Jamf, Okta, Entra ID, Google Workspace Build scripts (Python/Bash) and API integrations Integrate with SIEM/SOAR platforms (e.g., Sentinel, Splunk) Compliance & Governance Support SOX / SOC 2 / ISO audit readiness Maintain endpoint and identity security documentation Deliver reporting on device compliance, vulnerabilities, and incidents Required Experience 5+ years in endpoint security or endpoint engineering Strong hands-on experience with: Jamf Pro (macOS management is a must) Apple Business Manager CrowdStrike or similar EDR/XDR Identity platform experience: Entra ID (Azure AD) Okta Experience in Google Workspace environments Solid understanding of Zero Trust and endpoint security frameworks Scripting: Python, Bash, or PowerShell Nice-to-Haves (Stand Out Candidates) Jamf / CrowdStrike / Okta certifications Experience with MDR/MSSP environments SIEM tools (Splunk, Sentinel) Experience in SOX-compliant environments API integrations across security platforms #LI-REMOTE #LI-AH1