Urgently hiring
Hours Full-time
Location Alpharetta, Georgia

About this job

Job Description

Immediate need for an Endpoint Protection Tech Services Engineer to work with a healthcare IT firm delivering secure, reliable IT solutions that empower providers to focus on what matters most — exceptional patient care!

Job Title: Technology Services Engineer - Endpoint Protection
What You'll Do: Own endpoint security and patch compliance across several MSP client environments. You will plan, test, deploy, and monitor OS/app updates; deploy, manage, and tune EDR/XDR; validate vulnerability findings; and lead/execute incident response playbooks for malware, ransomware, and insider risks. The role blends hands-on tooling, automation, and client-facing communication to measurably raise security posture and maintain compliance.

Responsibilities:

· Patch management at scale: Build ringed deployment strategies, pilots, and phased rollouts; schedule maintenance windows; handle approvals/rollback; track patch compliance SLAs across Windows (and macOS where applicable) via various ITSM tools.
· Application & driver updates: Package, test, and deploy third-party updates (e.g., browsers, runtimes); manage supersedence and compatibility issues.
· EDR/XDR operations: Deploy and maintain EDR/XDR; configure policies, prevention/visibility settings, exclusions, device control, and rules; monitor detections and contain/isolate endpoints.
· Threat hunting & investigations: Use ITSM tools (Advanced Hunting / KQL) to identify IOCs, suspicious behaviors, lateral movement, and persistence; document findings and recommendations.
· Incident response: Execute playbooks (triage → containment → eradication → recovery); coordinate with clients and internal teams; produce RCAs and hardening actions post-incident.
· Vulnerability management: Validate scan results from ITSM tools; prioritize by CVSS/exploitability, assign owners, track remediation/exception justifications, and report aging.
· Endpoint hardening: Apply baselines (CIS-aligned where applicable), BitLocker, local admin control, Credential Guard/LSA protections, firewall policies, Wi-Fi/proxy/SSL inspection considerations.
· Automation & reporting: Script with PowerShell and APIs/Graph to automate deployments, compliance checks, evidence packs, and exceptions; publish dashboards (compliance %, MTTP, EDR coverage, vuln aging).
· Change & documentation: Follow CAB/change control; maintain runbooks, SOPs, and client security review decks; ensure ticket/time-entry hygiene in PSA.
· Client communication: Lead security check-ins/QBRs, advise on risk and prioritization, and translate technical outcomes into business impact and next steps.

What You'll Bring

· 3+ years in an MSP or multi-tenant environment focused on endpoint security and patch management.
· Hands-on expertise with device management tools.
· Operational experience with EDR/XDR and vulnerability tools for endpoints, including policy tuning, incident handling, and containment.
· Intermediate PowerShell for automation and reporting.
· Solid fundamentals in Windows endpoint administration, AD/Entra device compliance, networking basics and change management.
· Clear, concise communication: comfortable leading client-facing security reviews and incident updates.

Work Location: Onsite in Johns Creek/Alpharetta area with occasional travel to client sites.

Why You’ll Love Working Here:
· Impactful work: your projects directly support the systems that power healthcare delivery.
· Close collaboration with experienced engineers and IT leaders across infrastructure, cloud, and security.
· Opportunity to shape and scale project delivery practices in a growing MSP environment.
· Competitive salary, comprehensive benefits (medical, dental, vision, life, disability, 401(k) match), and robust PTO.


Posting ID: 1196501354 Posted: 2025-12-25 Job Title: Technology Services Engineer Endpoint