Endpoint Protection Engineer
PORTUGAL
Job description
Endpoint Protection Engineer
MAIN PURPOSE
As an Endpoint Protection Engineer within the Connectivity and Workplace – Endpoint Protection team at Group Technology, you will be responsible for implementing, managing, and maintaining endpoint security tools and processes to protect organizational assets. Your primary responsibilities include technical implementation, operational support, and continuous enhancement of endpoint security controls and solutions.
A critical responsibility of the Endpoint Protection Engineer is to ensure reliable and effective operation of endpoint protection technologies. This role demands detailed attention to technical implementation, integration, and maintenance of endpoint security solutions across IT, security, and operational technology teams. The engineer will proactively monitor and maintain endpoint systems, ensuring robust security configurations, timely updates, and effective response to vulnerabilities or threats.
The Endpoint Protection Engineer must continuously evaluate existing practices and configurations, recommending improvements to strengthen the organization's endpoint security posture. This includes closely collaborating with architects and cybersecurity specialists to implement standardized, automated, and secure endpoint protection processes. By ensuring high standards in operational excellence and consistent documentation, the engineer plays a crucial role in maintaining seamless, efficient, and secure endpoint operations.
KEY RESPONSIBILITIES
Technical Implemention and Operational Support:
· Deploy, configure, and maintain endpoint security solutions, including:
· Microsoft Intune (device compliance, endpoint policy management, security baselines)
· Workspace ONE (Apple ecosystem endpoint management)
· Tanium (visibility, endpoint control, and threat response)
· Cortex XDR (extended detection and response capabilities)
· Zscaler (Device posture management)
· Understanding of Data Loss Prevention (DLP) concepts and tools, including policy creation, monitoring, and incident response to prevent unauthorized data transfers.
· Manage the integration of endpoint protection tools with internal IT services, ensuring effective interoperability and optimal performance.
· Regularly assess endpoint security configurations and recommend improvements for encryption and hardening solutions (e.g., BitLocker, FileVault).
· Perform proactive maintenance, issue resolution, patch management, and system upgrades.
Endpoint Management and Optimization:
· Develop and maintain endpoint configuration standards and automated compliance baselines.
· Ensure all endpoint devices adhere to established security and operational standards.
· Document operational procedures clearly, ensuring consistent implementation and ease of troubleshooting.
Incident and Problem Management:
· Investigate, troubleshoot, and resolve endpoint security incidents and problems.
· Proactively monitor endpoint tools and escalate identified vulnerabilities or performance issues.
· Participate in root-cause analysis efforts and remediation planning.
Knowledge Sharing and Collaboration:
· Provide technical guidance, knowledge sharing, and training to IT support teams and junior engineers.
· Collaborate closely with architects, cybersecurity analysts, and IT operations teams to implement cohesive security strategies.
· Actively contribute to continuous improvement initiatives and recommend innovative security enhancements.
SKILL & COMPETENCIES
Essential:
· Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent professional experience).
· 3+ years’ experience managing and maintaining endpoint security solutions for Windows, macOS, iOS, Linux and OT environments.
· Hands-on experience with tools such as Microsoft Intune, Workspace ONE, Tanium, and Cortex XDR.
· Strong technical skills in endpoint security, device encryption, patch management, and vulnerability management.
· Knowledge of endpoint configuration baselines and compliance frameworks (e.g., CIS Benchmarks).
Nice-to-Have:
· Familiarity with scripting and automation tools (PowerShell, Python, Power Platform, Azure Logic Apps).
· Understanding of Microsoft ecosystems (O365, SharePoint, SQL).
· Understanding of Apple APNS, Business Portal, Apple Care Enterprise
· AWS foundational knowledge.
· Experience integrating endpoint management tools with ServiceNow.
· Relevant IT/security certifications.
IT Service Management Knowledge:
· Working knowledge of ITSM/ITIL frameworks.
· Experience with incident, problem, and change management processes.
· Strong documentation and procedural development skills.
Soft Skills:
· Strong team player with excellent interpersonal and communication skills.
· Demonstrates honesty, fairness, integrity, and reliability.
· Ability to thrive in an international, multicultural environment.
· Good technical English (written and spoken).
· Customer-focused approach and clear communicator.
· Analytical thinker focused on continuous improvement.