Lead Engineer / Endpoint Security Engineering, VP

• Best in class leave policy
• Gender neutral parental leaves
• 100% reimbursement under childcare assistance benefit (gender neutral)
• Sponsorship for Industry relevant certifications and education
• Employee Assistance Program for you and your family members
• Comprehensive Hospitalization Insurance for you and your dependents
• Accident and Term life Insurance
• Complementary Health screening for 35 yrs. and above

• Lead the design, deployment, and management of endpoint security solutions using Microsoft Defender for Endpoint, Tanium, Broadcom, Palo-Alto Prisma, and other enterprise tools.
• Provide technical leadership and direction to a team of engineers, ensuring quality delivery, knowledge sharing, and adherence to security practices.
• Configure and optimize Tanium Modules (Enforce, Comply, Integrity Monitor, Threat Response, Performance, Patch etc) to enhance endpoint protection, visibility, and compliance.
• Oversee integration of endpoint security with Intune, Azure AD, and Defender for cloud apps for unified device management and policy enforcement.
• Manage EDR/XDR platforms such as Microsoft Defender, CrowdStrike etc. ensuring consistent policy application and efficient operations.
• Develop and maintain endpoint hardening standards, ensuring alignment with frameworks such as CIS, NIST, and ISO27001.
• Collaborate with Cyber Defence, Infrastructure, and Cloud teams to address security risks remediate vulnerabilities, and support audit closure.
• Drive process improvement, automation, and operational efficiency within endpoint security.
• Represent Endpoint Security in cross-functional governance and strategy discussions, contributing to architectural and policy decisions.
• Prepare and maintain technical documentation, architectural diagrams, and operational guides.

• 12+ years of experience in endpoint security engineering, architecture, and operations within large enterprise environments.
• Proven experience leading or mentoring teams in endpoint security engineering or operations.
• Strong technical expertise in the Microsoft Security ecosystem, including:
• Defender for Endpoint, Defender for Server, Defender for Cloud Apps, Intune, Device Control, Cloud Identity, M365 SIEM Integration, and Microsoft Security Copilot.
• Hands on experience managing Tanium platform and integrating it within enterprise environments.
• Strong understanding of endpoint hardening, vulnerability management, and security compliance processes.
• Ability to translate business and risk requirements into practical security solutions.
• Excellent leadership, communication, and stakeholder management skills, with experience working across global teams.
• Proven delivery of large-scale, complex security projects in regulated, fast-paced environments.
• Demonstrated ability to manage end-to-end project lifecycles, including planning, budgeting, resource allocation, and delivery within scope and timelines.
• Demonstrated commitment to staying current with emerging threats, technologies, and industry trends through ongoing education and professional development.

• Microsoft Certified: AZ-500, SC-900, SC-200, MS-900
• Tanium Certified Operator or Tanium Certified Administrator
• Always a plus: CISSP, CISM, CompTIA Security+ or other relevant certifications in the field

• Bachelor’s or master’s degree in computer science, Information Security, or a related field.

• Training and development to help you excel in your career
• Coaching and support from experts in your team
• A culture of continuous learning to aid progression
• A range of flexible benefits that you can tailor to suit your needs

Deutsche Bank