[Remote] Senior Endpoint Security Engineer – Carbon Black & Symantec

Note:The job is a remote job and is open to candidates in USA. Plurilock is seeking aSenior Endpoint Security Engineer with expertise in VMware Carbon Black and Symantec endpoint security platforms. The role involves designing, deploying, and managing endpoint protection technologies, leading incident investigations, and mentoring junior engineers. Responsibilities• Lead enterprise-wide deployment, configuration, and lifecycle operations for Carbon Black and Symantec endpoint platforms• Architect scalable endpoint security solutions aligned to organizational standards and zero-trust principles• Develop and refine advanced policies, application controls, EDR rules, tamper protection settings, and prevention controls• Oversee tuning activities to balance protection, performance, and operational efficiency• Serve as Tier 3 engineering escalation for endpoint security issues and agent health failures• Lead deep-dive incident investigations using Carbon Black and Symantec telemetry, process analysis, and behavioral tracking• Build integrations with SIEM, SOAR, vulnerability management, and IT ops tools• Drive automation of endpoint management tasks through PowerShell, Python, or Bash• Create enterprise standards, architecture documentation, runbooks, and engineering playbooks• Mentor mid-level and junior engineers; contribute to team capability development• Evaluate new capabilities, conduct PoCs, and recommend improvements to endpoint strategy• Support compliance requirements including ISO 27001, NIST CSF, CIS Controls, and sector-specific mandatesSkills• 6–10 years of experience in information security or endpoint engineering roles• Expert-level experience with VMware Carbon Black (App Control, EDR, Cloud) including advanced policy design, incident response, and console administration• Expert-level experience with Symantec endpoint security platforms (SEP, SES, Symantec EDR, content policy tuning)• Strong understanding of endpoint forensics, malware analysis fundamentals, and attacker tradecraft• Proficiency with Windows, macOS, and/or Linux endpoint internals and event logging• Demonstrated experience integrating endpoint data with SIEM/SOAR platforms• Ability to lead complex troubleshooting involving OS, network, and security layers• Strong documentation, communication, and technical leadership abilities• Experience designing enterprise security architectures or zero-trust endpoint models• Significant experience in environments with 5,000+ endpoints• Development or automation experience with PowerShell, Python, Bash, or REST APIs• Experience with threat modeling, purple teaming, or incident response leadership• Certifications such as CBCA, CBCM, Symantec/Broadcom certifications, GSEC, GCED, GCIA, GCFA, or similarCompany Overview• Plurilock provides invisible MFA and continuous authentication using behavioral-biometric and machine learning technology.It was founded in 2016, and is headquartered in Victoria, British Columbia, CAN, with a workforce of 51-200 employees. Its website is Apply tot his job