IT Endpoint Security Lead
In the dynamic landscape of On, the tech thrives much like a spirited runner: always moving, always improving. We are building technology that continues to supercharge the growth of On, helping to ignite the human spirit through movement.
The Endpoint Security Lead will be responsible for designing, implementing, and managing advanced endpoint security strategies to protect enterprise devices and users. You will ensure continuous compliance with internal security policies and regulatory requirements while leveraging JAMF, Intune, and MacOS security technologies to enforce security controls across all endpoints.
This role requires deep technical expertise in endpoint security solutions, strong leadership in defining security posture for diverse device environments (macOS, Windows, mobile), and the ability to drive automation, integration, and proactive threat mitigation across the organization.
Your Mission
- Endpoint Security Strategy & Architecture
- Design and implement advanced endpoint security strategies to safeguard corporate devices, ensuring resilience against modern threats.
- Define and enforce Zero Trust-based endpoint security architectures, implementing least privilege models and adaptive security controls for enterprise endpoints.
- Develop and maintain endpoint security policies, standards, and guidelines aligned with industry best practices (CIS, NIST, ISO 27001).
- Endpoint Security Technology Implementation & Management
- Oversee JAMF Pro and Microsoft Intune for MacOS and Windows endpoint security management, ensuring policy enforcement, patching, and compliance monitoring.
- Deploy and manage endpoint protection solutions (EDR, XDR, AV) and ensure continuous threat visibility and mitigation.
- Develop and enforce endpoint hardening standards and security baseline configurations across macOS, Windows, and mobile devices, incorporating CIS benchmarks, least privilege access models, and advanced threat protection.
- Automate security policy enforcement and device compliance workflows to reduce risk exposure and improve efficiency.
- Ensure seamless integration of endpoint security tools with SIEM, SOAR, and identity platforms (e.g., Okta, Azure AD) for comprehensive security operations.
- Leverage APIs and scripting (e.g., Python, PowerShell) to automate security tasks and enhance endpoint security operations.
- Threat Detection, Incident Response & Automation
- Work closely with SOC and Threat Management teams to enhance endpoint detection, response, and remediation capabilities.
- Develop and optimize custom detection rules and endpoint logging strategies to improve visibility and threat identification.
- Automate incident response workflows, integrating endpoint security tools with SIEM/SOAR platforms to accelerate threat containment and mitigation.
- Lead endpoint-related security investigations, ensuring rapid containment and recovery from security incidents.
- Training and Mentoring: Providing training and mentoring to team members, fostering a culture of learning and knowledge sharing within the organisation.
Your Story
- 8+ years of experience in Endpoint Security, Endpoint Management, or IT Security Engineering roles.
- Expertise in JAMF Pro for MacOS security management and Microsoft Intune for Windows & mobile device security.
- Strong knowledge of macOS security architecture, MDM (Mobile Device Management), and endpoint hardening techniques.
- Hands-on experience with Endpoint Protection Platforms (EPP), Endpoint Detection & Response (EDR/XDR), and Zero Trust principles.
- Proficiency in automation & scripting (Python, PowerShell, Bash) for endpoint security configurations and policy management.
- Familiarity with compliance frameworks (ISO 27001, NIST 800-53, CIS Benchmarks, SOC2, GDPR).
- Experience integrating endpoint security solutions with SIEM, SOAR, and identity platforms..
- Strong analytical and problem-solving skills, with the ability to troubleshoot endpoint security incidents and compliance issues.
- Excellent communication skills to articulate security concepts to technical and non-technical stakeholders.
Meet The Team
As an integral part of the Information Security team at On, you'll find yourself at the heart of a fast-paced, diverse environment. Our ecosystem thrives on collaboration - a confluence of curious minds challenging and learning from one another, always seeking the uncharted. Here, we venture into new territories of technology and security, continuously refining our approach and embracing challenges head-on.
What We Offer
On is a place that is centered around growth and progress. We offer an environment designed to give people the tools to develop holistically - to stay active, to learn, explore and innovate. Our distinctive approach combines a supportive, team-oriented atmosphere, with access to personal self-care for both physical and mental well-being, so each person is led by purpose.
On is an Equal Opportunity Employer. We are committed to creating a work environment that is fair and inclusive, where all decisions related to recruitment, advancement, and retention are free of discrimination.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
einen besseren Job
