Windows Client Security Specialist

Purpose

The Windows Client Security Specialist is responsible for the day-to-day operational security of Windows endpoints across the enterprise. This role focuses on monitoring, maintaining, and improving the endpoint security posture through effective use of security tools, consistent application of security baselines, timely patching, and strong collaboration with IT and Cybersecurity teams. The specialist ensures endpoints remain compliant, protected, and resilient by executing operational security processes and leading small-to-medium sized endpoint security initiatives and projects while responding to threats in real time.

Job Requirements

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent work experience.
• Minimum of 10 years of hands-on technical experience in a similar endpoint security, Windows client security, or desktop engineering role within a medium-to-large enterprise environment.
• Experience in operational endpoint security, IT security operations, or Windows administration in a medium-to-large enterprise environment.
• Experience with industry-standard endpoint management and security tools such as Microsoft Intune, ManageEngine, or similar platforms, including policy deployment, compliance monitoring, and configuration troubleshooting.
• Operational familiarity with Microsoft Defender for Endpoint, including alert triage, threat investigation, and remediation workflows.
• Strong working knowledge of Windows 11 configuration, hardening practices, registry management, and endpoint security troubleshooting.
• Understanding vulnerability remediation, patching processes, and compliance validation.
• Ability to investigate and resolve endpoint security issues efficiently in a fast-paced operational environment.
• Demonstrated experience leading small-to-medium sized IT or security projects, including planning, execution, coordination, and status reporting.
• Strong organizational and documentation skills with an emphasis on consistency, accountability, and delivery.
• Clear written and verbal communication skills with the ability to collaborate effectively across IT and Cybersecurity teams.

Job Responsibilities

• Perform daily operational tasks to maintain the security and compliance of all Windows client endpoints.
• Administer and support endpoint management platforms (Intune, ManageEngine, or similar) to ensure successful deployment of security configurations, updates, and applications.
• Maintain and apply Windows security baselines, GPO settings, and Intune compliance policies to ensure consistent device hardening.
• Respond to Microsoft Defender for Endpoint alerts, investigate endpoint-level threats, and coordinate remediation steps with
• Cybersecurity and IT Operations.
• Conduct vulnerability and patch compliance checks; coordinate remediation activities to close security gaps.
• Track and report on endpoint health, patch status, security compliance, and configuration drift.
• Support operational execution of Zero Trust requirements, including Conditional Access enforcement and device compliance validation.
• Troubleshoot security-related endpoint issues such as BitLocker encryption failures, agent health issues, and policy misalignment.
• Perform routine audits of device inventory, baseline adherence, application versions, and policy compliance.
• Maintain accurate documentation for operational processes, troubleshooting guides, standard operating procedures, and endpoint security workflows.
• Partner with Desktop Engineering, Service Desk, Infrastructure, and Cybersecurity teams to resolve endpoint issues and improve operational processes.
• Remediate penetration test findings on endpoints, including coordinating fixes, validating remediation effectiveness, and ensuring long-term compliance.
• Deploy Windows updates using the Semi-Annual Channel to ensure operating systems remain current and compliant.
• Lead small-to-medium sized endpoint security projects, such as security tool rollouts, OS upgrades, baseline enhancements, and remediation initiatives.
• Plan and coordinate project activities, including scope definition, timelines, dependencies, and resource needs, to ensure delivery with minimal business and end-user disruption.
• Track and communicate project progress, risks, and issues, providing regular status updates and documentation to stakeholders and leadership.