ResponsibilitiesPerform hands-on endpoint hardening activities to reduce enterprise attack surface across workstations and servers by enforcing secure configurations, minimizing unnecessary services, and supporting execution control mechanisms under established standards and guidance.Support application execution control and endpoint attack surface reduction through day-to-day administration of Airlock application allowlisting, including policy updates, rule maintenance, and exception handling following approved processes.Review, triage, and process Airlock allowlisting requests from application and infrastructure teams, performing technical validation and escalating complex or high-risk cases to senior engineers as required.Assist with maintaining endpoint security baselines by implementing configuration changes, validating compliance, and documenting deviations or operational impacts.Provide operational support for endpoint security tooling and platforms, including troubleshooting enforcement issues, validating allowlisting behavior, and supporting audit and compliance evidence collection.Participate in a scheduled on-call rotation, providing after-hours and weekend support for endpoint hardening or execution control issues.Collaborate with Network Security (NetSec) teams to support endpoint-to-network exposure reduction efforts, such as restricted protocol usage, connectivity dependencies, or Zero Trust enforcement impacts.Support Data Security (DataSec) initiatives by assisting with endpoint controls that help protect sensitive data, including prevention of unauthorized tools and alignment with approved software and data protection policies.RequirementsNote: The description does not specify formal qualifications. Please refer to the original document for details.
#J-18808-Ljbffr