Senior Endpoint Security Engineer
Meet the Team
The Network Platform Organization (formerly Meraki) builds and operates Cisco’s cloud-managed platform powering millions of devices globally. Within NPO, the Network Platform Security Organization (NPSO) is responsible for protecting the platform, infrastructure, and customers through mature engineering and operation of security controls.
The Security Engineering team within NPSO engineers and operates enterprise-grade security platforms across a diverse, large-scale, hybrid cloud environment. This role is ideal for a senior-level endpoint security engineer who wants to own the lifecycle, reliability, and operational maturity of SentinelOne as a critical EDR platform while influencing the security design of platforms used by tens of millions of customers worldwide.
Your Impact
Own SentinelOne as a production EDR control, improving endpoint coverage, policy lifecycle management, agent reliability, alert quality, upgrades, troubleshooting, and incident support. Engineer endpoint protection for Linux, cloud-hosted, Kubernetes/EKS, and container workloads while balancing security, performance, reliability, and operational maintainability.
Deliver repeatable endpoint controls through infrastructure-as-code, configuration management, Git-based CI/CD, Ansible, Terraform, ArgoCD, and automated validation workflows. Build scripts, runbooks, and guardrails that make endpoint security operations scalable and support vendor evaluations and design reviews for endpoint, workload, and cloud security platforms.
Integrate EDR telemetry with Splunk, Grafana, Prometheus, and related observability platforms; track health, coverage, detection, and response metrics; and close logging or alerting gaps. Mentor engineers and partner with SRE, infrastructure, compliance, and security teams to keep endpoint security aligned with production needs and regulatory requirements.
Minimum Qualifications
5+ years of professional experience in endpoint security engineering, security operations, production infrastructure, cloud security, or security engineering. Experience in engineering, administering, or operating SentinelOne or comparable EDR technology in production environments.
Strong Linux systems experience, including troubleshooting, package or agent deployment, service health, logs, permissions, and operational support. Practical experience with AWS, Kubernetes, or EKS, especially as it relates to workload security, deployment patterns, observability, or incident response.
Experience with automation and delivery practices using tools or patterns such as Git, CI/CD, Ansible, ArgoCD, and artifact repositories. Working knowledge of SIEM, logging, and observability platforms such as Splunk, Grafana, Prometheus, or equivalent technologies.
Strong communication skills, with the ability to explain technical risks, operational tradeoffs, and security outcomes to engineering and leadership audiences. Experience working across SRE, infrastructure, security operations, compliance, and engineering teams in fast-paced operational environments.
Preferred Qualifications
Deep experience with SentinelOne policy management, alert triage, response workflows, fleet health, or large-scale agent operations. Proficiency in Python, Bash, or another scripting language for automation, data analysis, operational tooling, or security workflows.
Experience responsibly applying AI-assisted engineering and agentic workflows to improve security design reviews, automation, operational processes, and execution quality. Experience securing containerized workloads, Linux server fleets, SaaS platforms, IoT environments, or complex cloud architectures.
Experience improving security control maturity through metrics, service ownership, documentation, operational reviews, and continuous improvement programs. Experience mentoring engineers or leading cross-functional technical initiatives.
Why Cisco?
At Cisco, we’re revolutionizing how data and infrastructure connect and protect organizations in the AI era – and beyond. We’ve been innovating fearlessly for 40 years to create solutions that power how humans and technology work together across the physical and digital worlds.
These solutions provide customers with unparalleled security, visibility, and insights across the entire digital footprint. Fueled by the depth and breadth of our technology, we experiment and create meaningful solutions. Add to that our worldwide network of doers and experts, and you’ll see that the opportunities to grow and build are limitless.
We work as a team, collaborating with empathy to make really big things happen on a global scale. Because our solutions are everywhere, our impact is everywhere. We are Cisco, and our power starts with you.