
Endpoint & Email Security Engineer

Acuative Middle East
Jeddah, KSA
fulltime
Entry
Today
Network Security, Firewall Configuration, SIEM (Security Information and Event Management), Intrusion Detection/Prevention Systems (IDS/IPS), Vulnerability Assessment, Penetration Testing

Full Job Posting

Job Summary

The Endpoint & Email Security Engineer is responsible for the day-to-day operation, administration, and optimization of the organization's endpoint and email security platforms.

The primary focus of this role is to protect corporate endpoints and email services from cyber threats through continuous monitoring, policy management, incident investigation, and remediation.

The engineer will work closely with the Security Operations Center (SOC), Infrastructure, Messaging, Identity, and End User Computing teams to ensure endpoint devices and email systems remain secure, resilient, and compliant with organizational security standards.

Endpoint Security Operations

  • Administer, maintain, and optimize enterprise Endpoint Detection and Response (EDR/XDR) and Endpoint Protection Platform (EPP) solutions.
  • Monitor endpoint security alerts and investigate suspicious activities.
  • Perform malware analysis and coordinate endpoint containment, eradication, and recovery activities.
  • Isolate compromised endpoints and execute remediation procedures.
  • Ensure endpoint protection agents are deployed, healthy, and up to date across the enterprise.
  • Manage endpoint security policies, including antivirus, device control, application control, host firewall, and endpoint hardening.
  • Investigate endpoint security incidents and perform root cause analysis.
  • Coordinate remediation activities with Desktop Support and Infrastructure teams.
  • Monitor endpoint compliance and resolve agent health or deployment issues.
  • Support operating system and endpoint security hardening initiatives.

Email Security Operations

  • Administer and maintain enterprise email security platforms and secure email gateways.
  • Monitor, investigate, and remediate phishing, spam, malware, business email compromise (BEC), spoofing, and impersonation attacks.
  • Analyze suspicious emails, attachments, URLs, and email headers.
  • Remove malicious emails from user mailboxes using enterprise security tools.
  • Manage email filtering, quarantine policies, and threat protection rules.
  • Support the implementation and monitoring of SPF, DKIM, and DMARC.
  • Review and optimize email security policies to improve detection accuracy while minimizing false positives.
  • Coordinate phishing campaign remediation and provide technical support for security awareness initiatives.
  • Collaborate with Messaging and Microsoft 365 administrators to improve email security posture.
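As an added worked example (not part of the job posting and not code from Acuative Middle East): the DMARC alignment check that sits behind the SPF/DKIM/DMARC and email-header analysis duties listed above, in Python. It parses a published DMARC TXT record and a message's Authentication-Results headers, then asks the DMARC question: does any passing SPF or DKIM identifier align with the RFC5322.From domain? A "pass" from SPF or DKIM on its own is not enough; the spoof sample below passes both, for the attacker's own domain, and still fails DMARC. The DMARC record and both messages are constructed for this example, and the organizational-domain helper approximates the public-suffix list by taking the last two labels, which is a simplification.

```python
"""DMARC alignment check from Authentication-Results headers.

Added example, not the employer's code. All inputs below are constructed.
"""
from email import message_from_string
from email.utils import parseaddr

# Constructed DMARC record, as it would be published at _dmarc.example.com.
DMARC_RECORD = "v=DMARC1; p=reject; adkim=s; aspf=r; rua=mailto:dmarc@example.com"

# Constructed message: legitimate mail, DKIM-signed by the From domain.
LEGIT_MESSAGE = """\
From: "Payroll" <payroll@example.com>
To: staff@example.com
Subject: March payslips
Authentication-Results: mx.example.net;
 spf=pass smtp.mailfrom=bounce.example.com;
 dkim=pass header.d=example.com header.s=sel1

Payslips are attached.
"""

# Constructed message: From-header spoof. SPF and DKIM both "pass", but for the
# attacker's own domain, so neither identifier aligns with example.com.
SPOOF_MESSAGE = """\
From: "CEO" <ceo@example.com>
To: finance@example.com
Subject: Urgent wire transfer
Authentication-Results: mx.example.net;
 spf=pass smtp.mailfrom=ceo@attacker-mail.invalid;
 dkim=pass header.d=attacker-mail.invalid header.s=x

Please process today.
"""


def parse_dmarc_record(txt):
    """Return the policy tags this check needs; defaults follow RFC 7489."""
    tags = {}
    for part in txt.split(";"):
        key, sep, value = part.strip().partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record")
    return {
        "p": tags.get("p", "none").lower(),
        "adkim": tags.get("adkim", "r").lower(),
        "aspf": tags.get("aspf", "r").lower(),
    }


def org_domain(domain):
    """Approximate the organizational domain as the last two labels.
    Simplification: a production check consults the public suffix list."""
    labels = domain.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def aligned(auth_domain, from_domain, mode):
    """Strict ('s') needs an exact match; relaxed ('r') needs the same org domain."""
    if mode == "s":
        return auth_domain.lower() == from_domain.lower()
    return org_domain(auth_domain) == org_domain(from_domain)


def parse_auth_results(value):
    """Parse one Authentication-Results value into (method, result, props) tuples.
    The first ';'-separated element is the authserv-id and is skipped."""
    results = []
    for clause in value.split(";")[1:]:
        tokens = clause.split()  # also collapses folded-header whitespace
        if not tokens:
            continue
        method, _, result = tokens[0].partition("=")
        props = {}
        for tok in tokens[1:]:
            key, sep, val = tok.partition("=")
            if sep:
                props[key.lower()] = val.strip('"')
        results.append((method.lower(), result.lower(), props))
    return results


def evaluate_dmarc(raw_message, dmarc_txt):
    """Return the DMARC verdict and the disposition the published policy asks for."""
    msg = message_from_string(raw_message)
    _, from_addr = parseaddr(msg.get("From", ""))
    from_domain = from_addr.rpartition("@")[2].lower()
    policy = parse_dmarc_record(dmarc_txt)
    passes = []
    for header in msg.get_all("Authentication-Results", []):
        for method, result, props in parse_auth_results(header):
            if result != "pass":
                continue
            if method == "spf":
                # smtp.mailfrom may be a full address; DMARC uses its domain part.
                domain = props.get("smtp.mailfrom", "").rpartition("@")[2]
                if domain and aligned(domain, from_domain, policy["aspf"]):
                    passes.append("spf")
            elif method == "dkim":
                domain = props.get("header.d", "")
                if domain and aligned(domain, from_domain, policy["adkim"]):
                    passes.append("dkim")
    verdict = "pass" if from_domain and passes else "fail"
    # A passing message is delivered normally; a failing one gets the p= action.
    return {
        "from_domain": from_domain,
        "dmarc": verdict,
        "aligned": passes,
        "disposition": "none" if verdict == "pass" else policy["p"],
    }


if __name__ == "__main__":
    for name, raw in (("legit", LEGIT_MESSAGE), ("spoof", SPOOF_MESSAGE)):
        print(name, evaluate_dmarc(raw, DMARC_RECORD))
```

When reviewing a quarantined message, the value to look for is the alignment, not the bare spf=pass or dkim=pass: the spoof above would be released by a rule that only checks those results. Note also that the verdict here trusts the Authentication-Results header as written by the organization's own gateway; headers of that name arriving from outside the trust boundary should be stripped or ignored, which is the gateway's job, not this script's.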

Incident Response & Remediation

  • Investigate endpoint and email security incidents in accordance with incident response procedures.
  • Execute containment, eradication, and recovery activities.
  • Document findings, evidence, and remediation actions.
  • Escalate complex incidents to senior security engineers or the SOC as appropriate.
  • Participate in post-incident reviews and recommend improvements to prevent recurrence.
  • Maintain incident response playbooks related to endpoint and email security.

Platform Administration

  • Perform configuration, maintenance, and upgrades of endpoint and email security platforms.
  • Monitor platform availability, performance, and operational health.
  • Ensure integration with SIEM, SOAR, Identity, and IT Service Management (ITSM) platforms.
  • Support onboarding of new users, devices, and business units.
  • Troubleshoot operational issues affecting security tools and services.
  • Maintain platform documentation and standard operating procedures.

Threat Prevention & Continuous Improvement

  • Tune detection rules and security policies to improve threat detection and reduce false positives.
  • Monitor emerging threats targeting endpoints and email systems.
  • Develop and implement new detection use cases based on threat intelligence.
  • Participate in proactive threat hunting activities related to endpoint compromise and phishing campaigns.
  • Recommend enhancements to endpoint and email security controls and processes.
  • Support automation initiatives to improve operational efficiency and response times.

Reporting & Compliance

  • Produce operational reports and dashboards on endpoint and email security performance.
  • Track remediation activities and compliance with defined service level agreements (SLAs).
  • Support internal and external security audits.
  • Ensure endpoint and email security controls comply with organizational policies and regulatory requirements.
  • Maintain accurate documentation of security configurations, incidents, and operational procedures.

Required Qualifications

  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field.
  • 3–5 years of experience in endpoint security, email security, or security operations.
  • Experience administering enterprise endpoint protection and email security solutions.
  • Strong understanding of malware, phishing, ransomware, and endpoint attack techniques.
  • Experience investigating and remediating endpoint and email security incidents.

Endpoint Security

  • Microsoft Defender for Endpoint
  • CrowdStrike Falcon
  • SentinelOne
  • Trend Micro Vision One
  • Trellix (McAfee)
  • VMware Carbon Black
  • Elastic Defend
  • Endpoint Detection and Response (EDR/XDR)

Email Security

  • Microsoft Defender for Office 365
  • Exchange Online Protection (EOP)
  • Proofpoint
  • Mimecast
  • Google Workspace Security
  • DMARC
  • DKIM
  • SPF

Security Technologies

  • SIEM (Microsoft Sentinel, Splunk, Elastic Security, QRadar)
  • SOAR Platforms
  • Microsoft Entra ID
  • Active Directory
  • Windows Security
  • Linux Fundamentals
  • PowerShell
  • Python (basic scripting preferred)

Preferred Certifications

  • Microsoft SC-200 – Security Operations Analyst
  • Microsoft MD-102 – Endpoint Administrator
  • Microsoft MS-102 – Microsoft 365 Administrator
  • CompTIA Security+
  • Certified Ethical Hacker (CEH)
  • GIAC GSEC or GCIH
  • CrowdStrike Certified Falcon Administrator (preferred)
  • Microsoft Defender for Endpoint or Defender for Office 365 certifications (preferred)
  • Vendor certifications for Proofpoint, Mimecast, or Cisco Secure Email (preferred)
