Cybersecurity Engineer - Endpoint

The Position

We are looking for a highly skilled Cybersecurity Engineer responsible for protecting our digital footprint at the endpoint level. Our team manages critical security products across the enterprise, including Endpoint Detection and Response (EDR), Application Control, and Secure Data Erasure. Our team consists of deep subject matter experts in cybersecurity and we are looking for a driven, technically rigorous Security Engineer to join us. Your primary mission will be to maintain and evolve our security tools, bringing a modern, automation-first development mindset to our operational security practices to ensure optimal performance.

Job Responsibilities

• Maintenance at scale: Configure, deploy, and maintain our global Endpoint Detection and Response (EDR) solution across thousands of endpoints (Windows, macOS, and Linux) to ensure peak performance.
• Application Control Governance: Design, implement, and fine-tune Application Control policies (e.g., AppLocker, WDAC, or third-party equivalents) to ensure only trusted executables, scripts, and libraries run within our environment, balancing security with user productivity.
• Optimization: Continuous evaluation to minimize false positives, optimize system performance, and improve the overall signal-to-noise ratio.
• Secure Data Erasure Lifecycle: Support the maintenance and auditing of our enterprise-grade secure data wiping services.
• Automation: Leverage a development mindset to build scripts, tools, and API integrations that automate repetitive engineering tasks and deployment processes.
• Cross-Functional Collaboration: Partner with other senior cybersecurity experts, translating their deep security requirements into scalable, automated technical solutions.

Qualifications - Education / Experience

• Bachelor’s degree in Computer Science, Software Engineering, Cybersecurity, or equivalent practical experience.
• 3+ years of proven, hands‑on experience managing EDR solutions (e.g., Cortex XDR, CrowdStrike, Microsoft Defender for Endpoint) in a large‑scale enterprise environment.
• Proficiency in written and spoken English (C1 or above level).

Technical Skills

• Security Foundations: Good fundamental understanding of enterprise cybersecurity, specifically around endpoint security (EDR/XDR platforms like Cortex XDR), application whitelisting, and secure data handling.
• Application Control Expertise: Strong practical experience designing, rolling out, and maintaining Application Control/Whitelisting strategies across complex organizational structures.
• OS Internals: Strong understanding of operating system architectures, processes, memory management and filesystems (Windows, Linux, macOS).
• Analytical Mindset: Excellent troubleshooting skills with the ability to dive into complex system logs to trace issues back to their root cause.
• Automation & Deployment: Hands‑on experience with configuration management and deployment tools (e.g., Ansible, Terraform, SCCM, Microsoft Intune, Jamf).
• Development Best Practices: Solid understanding of software development lifecycles (SDLC), version control (Git), and CI/CD pipelines (e.g., GitLab CI, Jenkins, GitHub Actions).

Additional Qualifications

• The "Builder" Mentality: You look at a manual, repetitive IT task and immediately think about how to write a script to do it better and faster.
• Problem Solver: Capable of troubleshooting complex deployment failures across varied endpoint environments.
• Adaptable: Comfortable working in a highly dynamic cybersecurity environment where priorities can shift based on emerging needs.
• Team Player: Ability to collaborate effectively with internal and external teammates and stakeholders.

Compensation & Benefits

This position also offers an attractive benefits package.

Roche is an Equal Opportunity Employer.