Location
Dallas, Texas, United States
Capabilities
Enterprise Functions
Office Setup
Remote
Job ID
#42272
Industry
Enterprise Functions
At Jacobs, we're challenging today to reinvent tomorrow by solving the world's most critical problems for thriving cities, resilient environments, mission-critical outcomes, operational advancement, scientific discovery and cutting-edge manufacturing, turning abstract ideas into realities that transform the world for good.
Your impact
The Endpoint Security & Exposure Management Engineer is responsible for the design, implementation, administration, and continuous improvement of endpoint security controls and enterprise exposure management capabilities. This role focuses on reducing organizational cyber risk through effective application control, privilege management, vulnerability management, and remediation governance.
The successful candidate will serve as a technical subject matter expert for endpoint security technologies and exposure management platforms, within the Cybersecurity Engineering team, working closely with infrastructure, desktop engineering, application support, cloud, and wider IT teams to strengthen the organization's security posture and ensure timely remediation of identified risks.
Key Responsibilities
Endpoint Security
Design, implement, and maintain endpoint security controls across Windows, Linux, and macOS environments.
Administer and optimize application control and application allowlisting solutions.
Develop and maintain privilege management policies based on Zero Trust and least-privilege principles.
Investigate and resolve endpoint security issues related to application execution, privilege elevation, and policy enforcement.
Collaborate with desktop engineering teams to develop secure endpoint standards and configurations.
Support endpoint hardening initiatives aligned with industry best practices and security frameworks.
Develop reporting and metrics to demonstrate endpoint security effectiveness and risk reduction.
Exposure Management & Vulnerability Management
Manage the enterprise vulnerability management lifecycle, including identification, assessment, prioritization, remediation, and validation.
Administer vulnerability scanning and assessment platforms across on-premises, cloud, and hybrid environments.
Analyze vulnerability findings and prioritize remediation activities based on risk, exploitability, asset criticality, and business impact.
Drive remediation efforts with infrastructure, application, cloud, and operations teams.
Monitor remediation performance against defined service level objectives and security policies.
Perform vulnerability trend analysis and identify recurring risk patterns.
Support attack surface reduction initiatives through proactive exposure identification and mitigation.
Administer and maintain ServiceNow Vulnerability Response.
Configure integrations between ServiceNow and vulnerability assessment platforms.
Develop and optimize vulnerability workflows, assignment rules, remediation tasks, and reporting.
Monitor remediation progress and ensure effective stakeholder engagement.
Create dashboards and executive-level reporting to communicate exposure trends and remediation performance.
Security Operations & Risk Management
Support security incident investigations involving vulnerable systems, unauthorized privilege use, or endpoint compromise.
Assess emerging vulnerabilities, threats, and security advisories to determine organizational impact.
Provide risk-based recommendations for remediation and compensating controls.
Participate in security assessments, audits, and compliance activities.
Contribute to cybersecurity standards, policies, and technical security roadmaps.
Act as a technical advisor for endpoint security and vulnerability management initiatives.
Key Technical Skills
Endpoint Security
Application control and allowlisting technologies
Privilege management solutions
Endpoint hardening methodologies
Zero Trust security principles
Least-privilege administration
Endpoint security architecture
Vulnerability & Exposure Management
Vulnerability assessment and management
Exposure management practices
Risk prioritization frameworks
Attack surface management
Patch and remediation management
Security risk analysis
Platforms & Technologies
Microsoft Windows Server and Windows 11
Linux operating systems
Active Directory and Entra ID
Microsoft Intune
Microsoft Defender for Endpoint
Cloud platforms (Azure, AWS, or Google Cloud)
ServiceNow Vulnerability Response
Scripting & Automation
PowerShell
Python
API integrations and workflow automation
Security reporting and dashboard development
Here's what you'll need
Minimum 5 years of experience in cybersecurity, endpoint security, vulnerability management, or security engineering.
Hands-on experience administering application control and privilege management solutions.
Extensive experience managing enterprise vulnerability management programs.
Experience working with ServiceNow Vulnerability Response.
Experience using leading vulnerability management platforms such as:
Rapid7
Tenable
Qualys
Experience working within large enterprise environments.
Strong understanding of risk-based vulnerability management and remediation prioritization.
Preferred Qualifications
Experience implementing Zero Trust security controls.
Experience with endpoint detection and response (EDR) platforms.
Familiarity with security frameworks including:
NIST Cybersecurity Framework
CIS Controls
ISO 27001
NCSC Cyber Assessment Framework
Cyber Essentials Plus
Defence Cyber Certification, Levels 0-3
ACSC Essential Eight
Experience with cloud security and hybrid infrastructure environments.
Experience leading vulnerability remediation programs across multiple technology domains.
Preferred Certifications
CISSP
GIAC Security Certifications
CompTIA Security+
Certified Information Security Manager (CISM)
ServiceNow Certified Implementation Specialist
Tenable Certified Professional
Qualys Certified Specialist
Microsoft Security Certifications
#LI-MB5
Posted Salary Range: Minimum
100,000.00
Posted Salary Range: Upper
120,000.00
Our health and welfare benefits are designed to invest in you, and in the things you care about. Your health. Your well-being. Your security. Your future. Employees have access to medical, dental, vision, and basic life insurance, a 401(k) plan, and the ability to purchase company stock at a discount. Eligible employees may also enroll in a deferred compensation plan or the Executive Deferral Plan. Jacobs has an unlimited U.S. Personalized Paid Time Off (PPTO) policy for full-time salaried/exempt employees, seven paid holidays, and caregiver leave. And certain roles may be eligible for additional rewards, including merit increases, performance discretionary bonus, and stock.
The base salary range for this position is $100,000.00 to $120,000.00. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. Job posted on July 15, 2026. This position will be open for at least 3 days.
Your application experience is important to us, and we’re keen to adapt to make every interaction even better. If you require further support or reasonable adjustments with regards to the recruitment process (for example, you require the application form in a different format), please contact the team via Careers Support .