Description
Endpoint Security Associate Director
Role Overview
The Senior Manager – Endpoint Security is responsible for the strategic leadership and operational excellence of the firm's enterprise endpoint security capabilities. This includes overseeing endpoint protection platforms, EDR/XDR, anti-malware, encryption, mobile device management, privileged endpoint access, and related threat detection and response functions.
This leader will drive security posture improvements, coordinate global operations, manage MSSP/MSP relationships, and ensure compliance with firm-wide security and risk management frameworks. The role will partner closely with Infrastructure, Cloud, Compliance, SOC, and Risk Operations Center teams.
Key Responsibilities
Strategic Leadership
* Develop and execute the endpoint security strategy aligned to the enterprise information security and risk management program (referencing strategic expectations from IT Security leadership roles).
* Continuously assess technology risk, emerging threats, and industry-leading practices to mature the endpoint security ecosystem.
* Provide direction for endpoint security engineering, operations, and platform optimisation.
Operational Management
* Lead global endpoint security operations including EDR/XDR, AV/anti-malware, encryption, MDM/MAM, and endpoint hardening controls (aligned to responsibilities outlined in endpoint security SOW documentation).
* Ensure monitoring, tuning, and management of endpoint security consoles and related security tools.
* Oversee incident triage and remediation related to endpoint threats, including malware, privilege misuse, and endpoint compromise.
* Maintain the currency, health, and compliance of all endpoint security agents across the environment.
* Ensure proper isolation, quarantine, and eradication workflows for infected endpoints.
Governance, Compliance & Risk
* Establish and maintain endpoint security policies, standards, baselines, and operational runbooks.
* Provide audit support and ensure endpoint controls meet compliance obligations (as referenced in Cyber Defense job descriptions).
* Partner with Risk & Compliance to maintain an effective endpoint security risk management program.
Technology Engineering
* Design and enforce endpoint hardening standards, OS-level and application-level security configurations, and EPM (Endpoint Privilege Management) policies (aligned with EPM/PAM discussions).
* Oversee deployment, integration, and lifecycle management of endpoint security tools.
* Implement automated processes for endpoint discovery, onboarding, monitoring, and policy deployment (EPM automation themes).
Collaboration & Stakeholder Engagement
* Coordinate with SOC, Threat Intel, Cloud Security, Network Security, and Infrastructure teams for cross-functional security operations.
* Work closely with external partners (MSSP/MSP) for service delivery, escalation handling, tuning, and reporting.
* Provide regular reporting of endpoint health, compliance, threat trends, and risk exposure.
Team Leadership & Development
* Lead, mentor, and grow a global team of endpoint security engineers and analysts.
* Support professional development, certifications, and capability uplift across the team (consistent with professional development expectations).
Required Qualifications
* Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related discipline; Master's preferred.
* 8–12+ years of progressive IT/security experience with deep expertise in endpoint security technologies.
* Hands-on experience with EDR/XDR, AV/AM, EPM, encryption, MDM, OS hardening, and endpoint compliance tooling.
* Strong experience with incident response, malware triage, and endpoint threat analysis.
* Experience managing MSSP/MSP relationships and driving service excellence.
* Certifications such as CISSP, CISM, CEH, GIAC, or vendor-specific endpoint security certifications (CISSP referenced in Cyber Defense JD).
Preferred Qualifications
* Experience with Microsoft Defender, CrowdStrike, JAMF, Intune, or other enterprise endpoint platforms.
* Knowledge of ISO 27001, NIST CSF, SOC2 or similar frameworks (consistent with other GT security roles).
* Experience in global or multi-regional organisations.