Title: Technology Services Engineer – Endpoint Protection
Location: Alpharetta (onsite)
We’re hiring an Endpoint Protection Technology Services Engineer to join a growing healthcare-focused IT organization that delivers secure, reliable IT services so providers can stay focused on what matters most: exceptional patient care.
This is a hands-on, high-impact role for someone who thrives in a multi-client, multi-tenant environment supporting thousands of endpoints (specifically desktops, laptops, and servers). You’ll own endpoint protection and patch compliance across multiple client environments, while helping raise overall security maturity in a highly regulated industry.
What You’ll Do
You’ll serve as the endpoint security subject-matter expert across several client environments, with responsibility for both daily operations and long‑term posture improvement.
Endpoint Security & Patch Management
- Own OS and application patching across Windows (and macOS where applicable), from planning and testing through rollout and validation
- Design ringed and phased deployment strategies with rollback plans and defined maintenance windows
- Track and report patch compliance SLAs across client environments using ITSM/PSA tooling
EDR/XDR Operations
- Deploy, manage, and continuously tune EDR/XDR solutions
- Configure prevention and visibility policies, exclusions, device control, and detection rules
- Monitor alerts, investigate suspicious activity, and isolate or contain endpoints when needed
Threat Hunting & Incident Response
- Conduct proactive threat hunting using advanced hunting queries (e.g., KQL) and telemetry
- Execute incident response playbooks (triage → containment → eradication → recovery)
- Lead client-facing communications during incidents and deliver post-incident RCAs and hardening recommendations
Vulnerability & Endpoint Hardening
- Validate vulnerability scan findings and prioritize remediation based on exploitability and risk
- Apply endpoint security baselines (CIS where applicable), including BitLocker, firewall policies, credential protections, and local admin controls
- Partner with clients on risk acceptance and exception documentation when needed
Automation, Reporting & Continuous Improvement
- Use PowerShell and APIs (including Graph) to automate deployments, compliance checks, and evidence collection
- Build dashboards and reports that clearly show endpoint coverage, compliance, MTTP, and vulnerability aging
- Contribute to improved runbooks, SOPs, and scalable delivery practices
Client Partnership
- Lead security check‑ins and participate in QBRs
- Translate technical outcomes into clear business risk, impact, and next steps
- Act as a trusted advisor—not just a ticket closer
What You Bring
- 3+ years supporting endpoint security and patch management in an MSP or multi-tenant environment
- Strong hands-on experience with endpoint management and EDR/XDR tooling
- Working knowledge of endpoint-focused vulnerability management
- Intermediate PowerShell skills for automation and reporting
- Solid fundamentals in Windows endpoint administration, AD/Entra device compliance, and networking basics
- Comfort operating within structured change management and compliance-driven environments
- Clear, confident communicator—especially in client-facing security discussions and incident updates
Why You’ll Love Working Here
- Mission-driven work: Your efforts directly support healthcare systems and patient care
- High-caliber collaboration: Work alongside experienced engineers and IT leaders across infrastructure, cloud, and security
- Room to grow: Opportunity to influence how endpoint security services are delivered and scaled
- Competitive compensation: Salary, comprehensive benefits (medical, dental, vision, life, disability), 401(k) match, and generous PTO