Cyber Sdc

Description:

EY is seeking a Cyber SDC – Endpoint Security Lead Engineer (Senior) to strengthen its cybersecurity operations team. This role will focus on administering, monitoring, and enhancing endpoint security solutions to defend against evolving cyber threats. The successful candidate will play a critical role in threat detection, incident response, security policy enforcement, and automation, while working closely with IT and cross-functional security teams to build a resilient cybersecurity posture.

Key Responsibilities

• Endpoint Security Management:

  • Administer and support endpoint security platforms such as CrowdStrike, Microsoft Defender for Endpoint & Mobile, and CyberArk Endpoint Privilege Manager (EPM).

  • Monitor alerts and incidents, ensuring swift response to vulnerabilities and potential threats.

• Threat Detection & Response:

  • Analyze endpoint security events to detect and mitigate threats.

  • Conduct forensic investigations, identify root causes, and implement corrective actions.

• Policy Configuration & Enforcement:

  • Design, implement, and enforce endpoint security policies.

  • Optimize system configurations to enhance defenses.

• Collaboration & Support:

  • Provide technical guidance to users on endpoint security tools.

  • Partner with IT and security teams to integrate endpoint solutions into wider frameworks and response processes.

• Reporting & Documentation:

  • Maintain records of system configurations, incidents, and remediation efforts.

  • Produce detailed reports on security metrics, compliance, and incident trends for leadership review.

• Continuous Improvement & Automation:

  • Stay current with emerging threats and technologies.

  • Develop automation workflows using PowerShell, Python, and automation tools (e.g., Tines, PowerAutomate).

Qualifications

Required:

• Bachelor’s degree in Computer Science, Cybersecurity, IT, or related fields.

• Experience managing enterprise endpoint security tools (CrowdStrike, Microsoft Defender, CyberArk EPM).

• Strong knowledge of endpoint security principles, SIEM monitoring, and incident response frameworks.

• Proficiency in scripting (PowerShell, Python) for automation and response activities.

• Familiarity with ServiceNow ticketing and change management systems.

• Excellent problem-solving skills, with strong attention to detail and communication abilities.

Preferred:

• Cybersecurity certifications such as CompTIA Security+, CISSP, CEH.

• Knowledge of compliance frameworks (NIST, ISO 27001) and risk management practices.

• Understanding of network security fundamentals.

What EY Offers

• Competitive base salary:

  • Nationwide: $77,500 – $140,900 annually ($6,458 – $11,741 monthly).

  • NYC Metro, Washington State, California metro: $92,900 – $160,500 annually ($7,741 – $13,375 monthly).

• Benefits include:

  • Medical, dental, vision, pension, and 401(k).

  • Wide range of paid time off including flexible vacation policy, EY paid holidays, and seasonal breaks.

  • Hybrid work model: expected 40–60% in-person engagement depending on project.

  • Training, career development, and certifications support.

  • Work in a diverse, inclusive, and globally connected environment.

About EY

EY is a global leader in assurance, consulting, tax, strategy, and transactions, serving clients in over 150 countries. With a mission of building a better working world, EY leverages innovation, advanced technology, and deep sector expertise to solve complex business challenges.

The firm is recognized for its commitment to integrity, diversity, and sustainability, and provides employees with opportunities to develop their careers while making a meaningful global impact.