Endpoint Security Stack Manager Role OverviewOwn the operations, health, and continual improvement of the enterprise endpoint security stack—delivering high coverage, fast detection/containment, tight compliance, and great engineer/operator experience. Tools in scope include CrowdStrike Falcon EDR/XDR, Microsoft Intune (MEM) for Windows/macOS/iOS/Android MDM/MAM, Qualys VMDR (incl. PC/SCA), Absolute for asset assurance, and device compliance gating (Intune + Entra Conditional Access). This role collaborates closely with the SOC/MXDR provider and infra/client-engineering to maintain a defensible, auditable endpoint posture at scale. Scope & Tooling (authoritative systems)EDR/XDR: CrowdStrike Falcon (sensors, prevention policies, RTR, identity protection, device control).MDM/MEM: Microsoft Intune/MEM (enrollment, configuration profiles, compliance policies, app protection, update rings).Vulnerability & Config: Qualys VMDR + Policy Compliance + Secure Configuration Assessment (agents, scanners, appliances). Asset Assurance: Absolute (agent health, tamper detection, device location/lock/wipe). Device Compliance/Zero Trust: Intune + Entra Conditional Access device posture gates, aligned to GT endpoint standards. Adjacencies: Endpoint Privilege Mgmt (e.g., CyberArk EPM), encryption (BitLocker/FileVault), SIEM/SOAR and SOC integrations—per GT's defense‑in‑depth architecture.Key ResponsibilitiesPlatform Operations & MaintenanceOwn day‑to‑day operations of EDR/MDM/VM/Asset Assurance platforms: console administration, policy lifecycle, agent currency, tuning, and change control (CAB) aligned to GT standards. Maintain sensor/agent health & coverage across all supported OSes; drive auto‑healing and deployment automation (Intune, scripts) to keep coverage above target SLAs.Run Qualys scans at scale (agents/appliances), fix coverage gaps, and partner with patching teams on remediation SLAs. Administer device compliance policies and Conditional Access posture gates for Zero Trust access; minimize user friction while enforcing baseline. Oversee Absolute for asset assurance (visibility, investigation support, and recovery workflows).Detection, Response & SOC CollaborationEnsure high‑fidelity EDR detections and rapid containment (isolation, RTR, IOCs), with playbooks aligned to the SOC/MXDR provider; continuously tune to reduce false positives.Serve as tier‑3/engineering escalation for endpoint incidents; contribute to incident post‑mortems, root cause fixes, and lessons‑learned hardening.Governance, Risk & ComplianceAlign all tooling and controls with GT Endpoint Security Standard and defense‑in‑depth architecture; maintain audit‑ready evidence, runbooks, and metrics. Own tool control mappings to CIS/NIST/ISO; partner with GRC for control attestations and external audits.Engineering & AutomationDrive policy-as-code and automation for agent deployment, compliance enforcement, and reporting (PowerShell, KQL, Python, Graph, APIs).Rationalize integrations with SIEM/SOAR, CMDB/asset systems, ticketing, and collaboration tools—consistent with the enterprise architecture. Lifecycle & Vendor ManagementManage licensing, renewals, roadmaps, and vendor/MSP/MSSP relationships; evaluate new capabilities (e.g., identity threat protection, device control enhancements). M&A / New Environment OnboardingLead EDR and Qualys roll‑in for acquisitions per the InfoSec M&A Playbook: uninstall legacy agents, deploy GT standard agents, integrate to SOC, and hit day‑1 protection/visibility. Required Experience & Qualifications8+ years in endpoint security/operations; 3+ years leading EDR/MDM/Vulnerability platforms at enterprise scale.Hands‑on with CrowdStrike Falcon, Intune/MEM (Windows/macOS/iOS/Android), Qualys VMDR/PC/SCA, Absolute, and device compliance/Conditional Access; familiarity with CyberArk EPM, BitLocker/FileVault helpful in GT context. Strong OS internals (Windows/macOS/Linux), scripting (PowerShell, KQL, Python), packaging/deployment, API integrations.Knowledge of NIST CSF, CIS benchmarks, ISO 27001; ITIL change/problem. Certifications a plus: CrowdStrike (CCFR/CCFA/CCFH), Microsoft (SC‑200/AZ‑500/MS‑101), Qualys, GIAC (GCIA/GCED/GCFA), ITIL.#LI-KS1We are Grant ThorntonGrant Thornton Ireland is rapidly approaching 3,000 people, in 9 offices across Ireland, Isle of Man, Gibraltar and Bermuda. With a presence in over 149 countries around the world and a global network of 73,000 people, we bring our clients the local knowledge, national expertise and global presence to help them succeed – wherever they're located.At GT, we work as trusted advisors, bringing local knowledge and national expertise, with a global presence, to help businesses succeed – wherever they are located. We make business more personal by investing in building relationships and empowering our clients to make the right decisions for their organisation now and for the future. Whether that is working with the public sector to build thriving communities, with regulators and financial institutions to build trust, or with a diverse range of businesses to help them achieve their goals, Grant Thornton Ireland work hard to support clients to act on the issues that matter.At GT Ireland we don't just predict your future, we build it. A Career at GTLooking for a more fulfilling role in professional services? One where fresh thinking, collaboration and diversity are valued? At Grant Thornton we do things differently.What does this mean for you?A career in a more inclusive working environment, a more collaborative work culture, a more supported, flexible working role, more possibilities to grow and more opportunities to help shape the future for your clients. We respect and value your experience. And we want you to bring your authentic self to work and be at your best. It is how it should be. Grow with us At Grant Thornton, we care about our people and work hard to make you feel valued. If you are looking to deepen and develop your skills, knowledge, and experience throughout your career, then that is what you will get, and more.Our BenefitsPlease follow this link for information on our generous benefits package.Equity, diversity and inclusionAt Grant Thornton, we provide equitable opportunities for all our colleagues. We are a responsible, sustainable business where equity, diversity and inclusion (ED&I) is at the forefront of our workplace culture agenda, and today, we continue to build and develop on our existing ED&I structure and strategy to meet our workplace culture needs. People are at the heart of our business and teams built with varied individuals present diverse viewpoints, which need to be heard and valued.We are all at our best when we are able to be ourselves and we view integrity and authenticity as integral values to bring to our day-to-day work-life at the firm. We are excited to see the personality and perspectives you will bring to our team because we know we will all benefit from them. Diversity of thought, background and experience enables better decision-making, improves the quality of our delivery, and helps us to meet the needs of our clients. Our firm is built on people and their ideas, so we want to hear all the new perspectives and fresh thinking you have to offer. You form the bedrock of our firm's best-practice principles and we will champion you as leaders from day one. Reward and benefitsOur reward and benefits are designed to create an environment where our people can flourish. We are committed to building a culture where our people have access to the necessary benefits to help promote a healthy lifestyle and thrive.RecognitionWe want to create a culture of recognition and celebrating success, by saying thank you to people who surpass our expectations and recognising the right values and behaviours. Our Shout Out recognition scheme is our way of highlighting and promoting achievements. Whether you simply want to say thank you, celebrate a special occasion or give an award for doing something exceptional, you can do all of this and more through the scheme.