Senior System Engineer (Desktop Security)
Luxoft
Job Summary
Senior System Engineer (Desktop Security) for a top US hedge fund. You'll be part of the Technology Infrastructure Team, responsible for implementing and maintaining robust security measures for Windows 10/11 and macOS desktops. This includes managing desktop builds, optimizing build processes, troubleshooting issues, conducting security assessments, collaborating with Information Security teams, developing security best practices, responding to incidents, and staying updated on security threats. The role requires strong knowledge of SCCM, Intune, and JAMF for device management and security, as well as experience with GPOs, troubleshooting using tools like Sysinternals, and understanding the Windows registry. The ideal candidate will possess strong problem-solving, analytical, and communication skills, and be able to prioritize tasks in a fast-paced environment.
Must Have
- Bachelor's degree in Technology/CS or equivalent
- In-depth Windows 10/11 knowledge
- GPO creation for Windows 10/11
- Troubleshooting using Sysinternals
- 3+ years' experience in Windows OS, SCCM, Intune
- Strong problem-solving skills
- Ability to prioritize and lead troubleshooting
Good to Have
- Experience in banking or similar companies
- Experience with Qualys/PatchMyPC
- Experience with JAMF, Active Directory, GPO, WMI, and SSO
- Proficiency in PowerShell, Bash, or Python
- Experience with network/endpoint security protocols
Job Description
Project description
Desktop Security System Engineer position for Top US hedge fund.
You will be a part of Technology Infrastructure Team which operates the foundational technology platforms that
power all of client's applications and businesses. The team focuses on innovation and challenges the current state of our infrastructure
technology in a fast-paced, dynamic, and collaborative working environment.
Responsibilities
You will be responsible for implementing and maintaining robust security measures to protect against
threats and vulnerabilities and ensuring seamless integration of these tools into our security
infrastructure.
Specifically, you will:
Manage and maintain Windows 10 and macOS desktop builds, ensuring consistency and
compliance with company standards
Design, implement, and optimize build processes for desktop systems, applications, and
Monitor and troubleshoot desktop build issues, responding to incidents and ensuring timely
resolution
Develop and maintain documentation for build processes, configurations, and troubleshooting
procedures
Implement and manage security for Windows and Mac desktops, integrating SCCM, Intune and
JAMF for comprehensive device management and security
Conduct security assessments and audits, utilizing device management reporting features to
identify vulnerabilities and compliance issues
Collaborate with Information Security teams to integrate policies and configurations into the
Windows desktop lifecycle
Develop and enforce security best practices and standards, leveraging SCCM, Intune and JAMF
capabilities for enhanced security management
Respond to security incidents, investigate and provide/or work on remediation efforts
Stay updated on the latest security threats and trends, especially those impacting Windows and
Mac environments
Provide training and support on security awareness and effective device management
Work with vendors and external agencies to enhance security measures, including the
integration of third-party tools with our management tools
Skills
Must have
We are looking for an inquisitive, dynamic, and hands-on individual to join our End User Compute
technology team to help develop an endpoint security strategy.
Bachelor's degree with a concentration in Technology, Computer Science or related discipline or
commensurate experience
In-depth Windows 10/11 knowledge,
Understands and can creates GPOs for Windows 10/11,
Can troubleshoot performance and application related issue using tools like Systinternals,
Understands the Windows registry architecture and can create registry fixes
Understands how to test in environments, with a regression plan
3+ years of experience in Windows operating systems, specifically with extensive knowledge of
desktop builds, security and management in SCCM and Intune
Strong problem-solving, analytical, and communication skills
Ability to prioritize and lead the team to troubleshoot complex issues across the entire firm,
provide root cause analyses, and make recommendations to mitigate future risk
Ability to maintain composure and focus in a fast-paced environment
Ability to encourage diversity of thought across the team and promote collaboration for
potential better outcomes
Be flexible to work on a broad range of issues, tasks and occasional weekend work/on call
rotation as required
Commitment to the highest ethical standards
Nice to have
Experience working in banking or similar companies
Experience using Qualys/PatchMyPC in desktop (including virtual) environments
Experience with JAMF, Active Directory, GPO, WMI, and SSO
Proficiency in scripting languages such as PowerShell, Bash, or Python
Hands-on experience with network and endpoint security protocols, cryptography, authentication, authorization, and intrusion detection/prevention systems
Other
Languages
English: B2 Upper Intermediate
Seniority
Senior