Security Consultant - Endpoint Security

A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe.
You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat.
Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience

• The Endpoint Security Engineer is responsible for implementing, managing, and monitoring endpoint security controls across enterprise environments. The role focuses on Antivirus, DLP, Application Control, EDR/XDR platforms, malware analysis, and continuous event and infrastructure monitoring for Windows and Linux operating systems.
• Manage and operate Endpoint Protection Platforms (EPP) including Antivirus, Anti-malware, and Host-based controls
• Administer and tune EDR/XDR solutions for threat detection, investigation, and response
• Implement and manage Application Control / Whitelisting policies
• Monitor and enforce Endpoint DLP policies to prevent data leakage
• Perform malware analysis (static and behavioral) and support incident investigations
• Monitor endpoint security events, alerts, and telemetry via SIEM/SOAR integrations
• Conduct endpoint threat hunting and root-cause analysis
• Support incident response activities including containment, isolation, and remediation
• Monitor endpoint infrastructure health (agents, sensors, updates, connectivity)
• Ensure endpoint security compliance across Windows and Linux environments
• Coordinate with SOC, Infra, and IT teams for incident resolution and platform optimization
• Maintain documentation, SOPs, and operational runbooks

Endpoint Security Technologies

Antivirus / Anti-malware solutions

EDR / XDR platforms

Application Control

Endpoint DLP

Endpoint agent health, versioning, and policy compliance

Patch and update monitoring

Ready to work in 24*7 shifts

Experience with Cortex XDR, Defender for Endpoint, CrowdStrike, or similar

Knowledge of PowerShell, Bash, Python for automation

Understanding of Zero Trust and endpoint hardening best practices

Exposure to ITIL-based operations and SLA-driven environments

Experience in enterprise SOC operations