Job Details

Sangoma is seeking a motivated and detail-oriented Endpoint Security Engineer with experience in Incident Response, SOC operations, operating system security, and automation. In this role, you will help strengthen the company's security posture by designing and implementing new endpoint security solutions and improving existing controls.

You will collaborate closely with teams across the technology organization to investigate security events, document lessons learned and drive meaningful improvements. This mid-level position is ideal for someone who can communicate effectively with both technical and non-technical stakeholders and enjoys building and enhancing security capabilities. This is a remote position with a preference for candidates located in the Central or Eastern time zones.

Requirements

Your Role:

• Serve as an escalation point for SOC/EDR/XDR alerts and suspected security incidents.
• Automate and optimize Incident Response procedures with PowerShell, Python, and scripted API calls.
• Write custom detection rules in EDR platforms such as CrowdStrike, SentinelOne, and Microsoft Defender.
• Test and deploy EDR agent updates.
• Evaluate and implement endpoint and endpoint adjacent security solutions.
• Document Incident Response procedures and cross-train technical personnel on those procedures.
• Participate in penetration testing and tabletop Incident Response exercises.
• Produce and improve security dashboards and reports.
• Maintain solution and procedure documentation.
• Collaborate with IT, Infrastructure, and Cloud teams to implement secure endpoint configurations and controls.
• Identify gaps in endpoint security coverage and recommend remediation or enhancements.
• Support vulnerability remediation and endpoint hardening initiatives.
• Participate in an on-call rotation, being reachable 24/7 during assigned on-call periods, one week per month.
• Coordinate with SOC and IT teams to investigate and resolve high-priority endpoint security incidents during on-call periods.

Requirements

• 4–6 years of experience in a security, SOC, or Incident Response role.
• Solid experience working with one or more EDR solutions such as Sentinel One, CrowdStrike, or Microsoft Defender.
• In-depth understanding of threat behaviors in the context of the MITRE ATT&CK Framework.
• Intermediate understanding of Windows, MacOS, and Linux file structures and process architecture.
• Experience participating in ITIL-oriented Change Management, Incident Management, and Problem Management processes in an enterprise environment.
• Experience with automation and API calls via Python and/or PowerShell.
• One or more industry-standard security certifications including but not limited to Security+, CySA+, Microsoft SC-200, CEH, GIAC, or similar.

Preferred:

• Solid experience working with SIEM / SOAR solutions for event correlation and automated response.
• Experience performing forensic investigations and malware analysis.
• Ability to perform and document penetration testing exercises.
• Knowledge of cloud and/or hybrid environments such as Microsoft 365, Azure, AWS, Intune, or similar platforms.

Benefits

What We Offer:

• Extensive Benefit Options (Health, Vision, Dental, Long & Short term Disability) effective after a short waiting period
• Matching 401K program - 100% match on 4%.
• Employee Stock Purchase Plan after one year of service.
• Flexible Time Off & Company Holidays
• Entrepreneurial work environment partnered with high growth career opportunities
• We value transparency and fairness in our compensation practices. For this role, we offer a salary range of $100,000 to $110,000 per year, commensurate with experience, qualifications, and location.

Are you ready to make a direct impact on the company and be rewarded for your performance? Are you ready to take on a new challenge?

Must be authorized to work in the United States on a full-time basis for any employer. No agencies or third-party resumes, please.

Equal opportunity employer as to all protected groups, including protected veterans and individuals with disabilities.