Principal Enterprise Endpoint Security Portfolio Architect

Job Description: • Define and maintain enterprise endpoint security reference architectures and roadmaps across Windows, macOS, Linux, iOS/Android, and specialized devices (IoT/OT where applicable) • Serve as portfolio owner for endpoint security solutions, including lifecycle management, investment planning, vendor strategy, and cost optimization • Lead design and adoption of modern endpoint protection platforms (NGAV, EDR, XDR) and ensure integration with SOC/SIEM/SOAR for advanced detection and response • Establish endpoint hardening, encryption, and privilege management standards (BitLocker, FileVault, AppLocker/WDAC, Just-in-Time access) • Drive UEM/MDM strategies (Intune, JAMF, Workspace ONE, etc.) to secure corporate, BYOD, and hybrid device environments • Ensure endpoint posture and compliance signals integrate into Zero Trust and conditional access models • Collaborate with IT, security, and operations teams to balance strong endpoint protection with workforce usability and productivity • Lead architectural risk assessments for endpoint platforms and ensure alignment with regulatory frameworks (NIST, ITAR/EAR, ISO 27001, CIS Benchmarks) • Mentor engineers and architects, raising enterprise capability in endpoint security best practices • Develop and track KPIs/metrics that demonstrate endpoint risk reduction, adoption of security controls, and value realization from endpoint investments Requirements: • Typically requires a University Degree or equivalent experience and a minimum 12 years of experience, or an Advanced Degree and a minimum 10 years experience. • 10+ years experience in cybersecurity, and/or information technology, or related intelligence community, military, or civil service fields. • 10+ years experience with endpoint protection technologies (CrowdStrike, Microsoft Defender for Endpoint, SentinelOne, Palo Alto Cortex, etc.) and integration with SOC workflows • Experience leading endpoint security architecture at enterprise scale, preferably in global or regulated industries. • The ability to obtain and maintain a U.S. government issued security clearance is required. Benefits: • parental (including paternal) leave • flexible work schedules • achievement awards • educational assistance • child/adult backup care Apply tot his job