Cyber Security Engineer

Overview:

SOFTSWISS continues to expand the team and is looking for an Endpoint Security Engineer.

Key responsibilities:

• Deploy, configure, and maintain(as L3) endpoint security solutions

• Own the end-to-end vulnerability management process for endpoints

• Develop and enforce endpoint hardening standards

• Collaborate with the SOC and other security teams to correlate endpoint telemetry with network and cloud events for threat detection and response

• Participate in the resolution of endpoint-related security incidents

Required Experience:

• 3+ years of hands-on experience in endpoint security engineering, with a focus on Windows and macOS environments

• Deep expertise with modern EDR/XDR - deployment, policy configuration, agent management, and L3-level troubleshooting

• Proven experience with vulnerability management processes end-to-end: asset discovery, prioritization, remediation tracking, and reporting

• Hands-on experience with MDM solutions (Jamf, Intune, or equivalent) - including defining and enforcing security configuration requirements, compliance baselines, and policy rollout

• Strong knowledge of endpoint hardening standards for Windows (CIS Benchmarks, STIG) and macOS (CIS macOS Benchmark, NIST guidelines)

• Experience developing and maintaining hardening baselines, including scripted or policy-driven enforcement at scale

• Ability to formalise security requirements into policies, standards, and control frameworks

• Hands-on participation in incident response for endpoint-related security events: containment, investigation, root cause analysis

• Solid understanding of attacker TTPs (MITRE ATT&CK framework) as applied to endpoint threat scenarios

• Experience in development and automation (Python/Go)

• Structured written and oral communication to ensure clarity

• Upper Intermediate or higher English level

Nice to have:

• Security hardening of Linux-based systems

• Experience in development and automation (Python/Go)

• Solid understanding of attacker TTPs (MITRE ATT&CK framework) as applied to endpoint threat scenarios

• Experience with threat hunting on endpoint telemetry - proactively identifying anomalies beyond alert-driven workflows

• Understanding of PKI and certificate management as applied to endpoints (device certificates, mTLS, MDM enrollment)

• Experience with privileged access controls on endpoints - local admin management, PAM integration, or application allowlisting

• Familiarity with DLP solutions and data protection policies at the endpoint level

• Familiarity with compliance frameworks relevant to endpoint controls: PCI DSS, ISO 27001, or SOC 2 - particularly mapping hardening standards to control requirements

Our benefits:

• Full-time remote work opportunities and flexible working hours

• Private insurance

• Additional 1 Day Off per calendar year

• Sports program compensation

• Comprehensive Mental Health Programme

• Free online English lessons with a native speaker

• Generous referral program

• Training, internal workshops, and participation in international professional conferences and corporate events