Job Description - System Security Engineer

Role Overview

The System Security Engineer is responsible for securing, managing, and operating enterprise endpoint and system security platforms, with a primary focus on Microsoft SCCM and SentinelOne. This role ensures endpoint protection, patch compliance, threat detection, and secure system operations across the enterprise environment.

Key Responsibilities

• Administer and support endpoint security solutions across Windows environments.
• Manage and operate SentinelOne EDR for endpoint threat detection, investigation, and response.
• Investigate and remediate endpoint security alerts in coordination with SOC teams.
• Administer Microsoft SCCM for patch management, software deployment, and configuration compliance.
• Ensure timely OS and application patching aligned with security and compliance requirements.
• Troubleshoot SCCM agent, deployment, and reporting issues.
• Support endpoint hardening and security baseline configurations.
• Perform root cause analysis for endpoint security incidents.
• Maintain SOPs, runbooks, and endpoint security documentation.
• Collaborate with SOC, Infrastructure, IAM, and Vulnerability Management teams.

Required Skills & Experience

• 3-5 years of experience in system security, endpoint security, or infrastructure security roles.
• Hands-on experience with Microsoft SCCM for patching, deployments, and compliance reporting.
• Strong experience administering and supporting SentinelOne EDR.
• Good understanding of Windows OS security controls and endpoint hardening.
• Experience handling malware, ransomware, and endpoint security incidents.
• Understanding of patch and vulnerability management processes.
• Familiarity with ITSM processes such as incident, change, and problem management.

Preferred Qualifications

• Experience in large enterprise or regulated environments such as healthcare or finance.
• Exposure to additional endpoint tools such as Intune, Microsoft Defender, or Tanium.
• Scripting experience using PowerShell.
• Understanding of Zero Trust and endpoint security architecture.
• Relevant Microsoft, SentinelOne, or security certifications.