Who we are looking for
We are looking for an Endpoint Security Engineer reporting within the Defensive Engineering leadership team in Global Cyber Security (GCS). You will be responsible for supporting endpoint hardening, application execution control, and attack surface reduction initiatives across enterprise workstations and servers through secure configuration management, Airlock allowlisting administration, and operational security support.
The team you will be joining is a part of the Defensive Engineering organization, a function that is vital to the company as it helps protect enterprise assets by reducing endpoint attack surface, enforcing strong execution controls, maintaining secure configurations, and supporting compliance with cybersecurity and regulatory requirements.
As an Endpoint Security Engineer, you will:
-
Perform endpoint hardening activities across workstations and servers by enforcing secure configurations, minimizing unnecessary services, and supporting execution control mechanisms.
-
Administer Airlock application allowlisting, including policy updates, rule maintenance, exception processing, and ongoing platform support in accordance with approved standards and procedures.
-
Review, validate, and process application allowlisting requests from infrastructure and application teams, escalating complex or high-risk scenarios when appropriate.
-
Maintain endpoint security baselines by implementing configuration changes, validating compliance posture, and documenting approved deviations and operational impacts.
-
Provide operational support for endpoint security tools and platforms, troubleshoot enforcement issues, support audit activities, and participate in an on-call rotation for endpoint hardening and execution control incidents.
-
Collaborate with Network Security teams to support Zero Trust initiatives, exposure reduction efforts, and endpoint-to-network security controls.
These skills will help you succeed in this role:
-
Strong analytical, troubleshooting, and problem-solving skills with the ability to assess security risks and recommend practical solutions.
-
Experience managing endpoint security technologies, application allowlisting platforms, and enterprise endpoint hardening programs.
-
Knowledge of Windows server and workstation administration, endpoint security controls, and secure configuration management.
-
Ability to operate effectively in large, complex enterprise environments while balancing security requirements with business needs.
-
Strong communication and collaboration skills, with experience working across infrastructure, application, and security teams.
-
Bachelor’s degree in Computer Science, Information Security, Information Technology, or a related field (or equivalent experience).
-
3–5+ years of experience in endpoint security, systems administration, cybersecurity operations, or a related discipline.
-
Experience with application allowlisting technologies such as Airlock or similar execution control platforms.
-
Knowledge of endpoint hardening standards, security baselines, compliance frameworks, and Zero Trust principles.
-
Relevant certifications such as Security+, GSEC, CISSP, Microsoft Security certifications, or equivalent are preferred.
-
Experience supporting enterprise-scale endpoint environments across multiple geographic locations.
-
Familiarity with audit, regulatory, and compliance evidence collection processes.
-
Ability to participate in an after-hours and weekend on-call support rotation.
-
Hybrid work model in accordance with company policy.
-
Participation in a scheduled on-call rotation for after-hours and weekend support.
-
Standard business hours with flexibility to support critical incidents, maintenance activities, and security events as needed.
Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. We keep our clients at the heart of everything we do, and smart, engaged employees are essential to our continued success.
We are committed to fostering an environment where every employee feels valued and empowered to reach their full potential. As an essential partner in our shared success, you’ll benefit from inclusive development opportunities, flexible work-life support, paid volunteer days, and vibrant employee networks that keep you connected to what matters most. Join us in shaping the future.
As an Equal Opportunity Employer, we consider all qualified applicants for all positions without regard to race, creed, color, religion, national origin, ancestry, ethnicity, age, disability, genetic information, sex, sexual orientation, gender identity or expression, citizenship, marital status, domestic partnership or civil union status, familial status, military and veteran status, and other characteristics protected by applicable law.
Discover more information on jobs at StateStreet.com/careers
Read our CEO Statement