<h2>Overview:</h2><p>SOFTSWISS continues to expand the team and is looking for a Cybersecurity Engineer.</p><h2>Key responsibilities:</h2><ul><li><p>Deploy, configure, and maintain (as L3) endpoint security solutions</p></li><li><p>Own the end-to-end vulnerability management process for endpoints</p></li><li><p>Develop and enforce endpoint hardening standards</p></li><li><p>Collaborate with the SOC and other security teams to correlate endpoint telemetry with network and cloud events for threat detection and response</p></li><li><p>Participate in the resolution of endpoint-related security incidents</p></li></ul><h2>Required Experience:</h2><ul><li><p>3+ years of hands-on experience in endpoint security engineering, with a focus on Windows and macOS environments</p></li><li><p>Deep expertise with modern EDR/XDR - deployment, policy configuration, agent management, and L3-level troubleshooting</p></li><li><p>Proven experience with vulnerability management processes end-to-end: asset discovery, prioritization, remediation tracking, and reporting</p></li><li><p>Hands-on experience with MDM solutions (Jamf, Intune, or equivalent) - including defining and enforcing security configuration requirements, compliance baselines, and policy rollout</p></li><li><p>Strong knowledge of endpoint hardening standards for Windows (CIS Benchmarks, STIG) and macOS (CIS macOS Benchmark, NIST guidelines)</p></li><li><p>Experience developing and maintaining hardening baselines, including scripted or policy-driven enforcement at scale</p></li><li><p>Ability to formalise security requirements into policies, standards, and control frameworks</p></li><li><p>Hands-on participation in incident response for endpoint-related security events: containment, investigation, root cause analysis</p></li><li><p>Solid understanding of attacker TTPs (MITRE ATT&CK framework) as applied to endpoint threat scenarios</p></li><li><p>Experience in development and automation (Python/Go)</p></li><li><p>Structured 
written and oral communication to ensure clarity</p></li><li><p>Upper Intermediate or higher English level</p></li></ul><h2>Nice to have:</h2><ul><li><p>Security hardening of Linux-based systems</p></li><li><p>Experience in development and automation (Python/Go)</p></li><li><p>Solid understanding of attacker TTPs (MITRE ATT&CK framework) as applied to endpoint threat scenarios</p></li><li><p>Experience with threat hunting on endpoint telemetry - proactively identifying anomalies beyond alert-driven workflows</p></li><li><p>Understanding of PKI and certificate management as applied to endpoints (device certificates, mTLS, MDM enrollment)</p></li><li><p>Experience with privileged access controls on endpoints - local admin management, PAM integration, or application allowlisting</p></li><li><p>Familiarity with DLP solutions and data protection policies at the endpoint level</p></li><li><p>Familiarity with compliance frameworks relevant to endpoint controls: PCI DSS, ISO 27001, or SOC 2 - particularly mapping hardening standards to control requirements</p></li></ul><h2>Our benefits:</h2><ul><li><p>Full-time remote work opportunities and flexible working hours</p></li><li><p>Private insurance</p></li><li><p>Additional 1 Day Off per calendar year</p></li><li><p>Sports program compensation</p></li><li><p>Comprehensive Mental Health Programme</p></li><li><p>Free online English lessons with a native speaker</p></li><li><p>Generous referral program</p></li><li><p>Training, internal workshops, and participation in international professional conferences and corporate events</p></li></ul>