Cyber Security Endpoint Engineer

Description

SALARY

$100,000-$120,000

POSITION SUMMARY

The Cyber Security Endpoint Engineer is responsible for implementing and managing endpoint security solutions across the Chicago Transit Authority, including workstations, laptops, mobile devices, and servers. This role focuses on the deployment, configuration, and ongoing maintenance of endpoint protection technologies-such as antivirus, endpoint detection and response (EDR), and encryption tools-to safeguard devices from cyber threats. The engineer ensures consistent application of security policies, actively monitors endpoint health and threat activity, and works closely with IT and security teams to investigate incidents and support compliance across all endpoint platforms.

Qualifications

PRIMARY RESPONSIBILITIES

* Deploy, configure, and manage endpoint protection tools (e.g., EDR, NGAV, encryption, host-based firewalls).

* Deploy, configure, and manage endpoint remote access tools.

* Test endpoint security software to ensure compatibility and proper functionality across multiple operating systems, including Linux, Windows, and macOS.

* Monitor endpoint security alerts and logs to identify, analyze, and respond to threats or anomalies.

* Administer and maintain endpoint detection & response (EDR) platforms.

* Assist to develop and enforce endpoint security policies, including application control, device control, and encryption.

* Automate endpoint security tasks using scripting or centralized management tools.

* Integrate third-party tools (e.g., SIEM, SOAR, MDM, vulnerability scanners) with endpoint protection platforms.

* Assist in evaluating and onboarding new third-party tools for improved endpoint protection and visibility.

* Ensure reliable data flow and compatibility between endpoint security tools and enterprise systems through APIs and connectors.

* Troubleshoot integration issues between endpoint systems and third-party platforms.

* Maintain documentation of endpoint security architecture, configurations, procedures, and incident response activities.

* Perform regular assessments of system and endpoint configurations to ensure compliance with security standards and best practices.

* Assist in OS and software patch management initiatives for endpoints.

* Assist in vulnerability management efforts related to endpoints.

* Collaborate with IT Support and desktop engineering teams to ensure secure deployment and maintenance of cyber security endpoint software.

* Collaborate with IT and cyber security teams to investigate and remediate endpoint-related incidents.

* Researches and analyzes cybersecurity threat indicators and their behaviors for the prevention, detection, containment, and correction of security breaches, and recommends threat mitigation strategies.

* Assesses new security technologies to determine potential value for the enterprise.

* Performs related duties as assigned.

MANAGEMENT RESPONSIBILITIES

Reporting to this position are the following jobs:

Job Title

* N/A

CHALLENGES

* Maintaining knowledge of current cyber technology tools, architectures, and trends in a rapidly changing field.

* Completing cyber activities requiring the assistance of other teams with competing priorities.

EDUCATION/EXPERIENCE REQUIREMENTS

* Bachelor's degree in information security/cybersecurity, information technology, computer science or related field; including certifications such as CrowdStrike Certified Falcon Administrator or similar, and three to five years of work experience in cyber security endpoint management or related position for large enterprises, or an equivalent combination of education certifications and experience related to the position.

PHYSICAL REQUIREMENTS

* Requires remaining in a stationary position for extended periods of time and constantly operating a computer.

* May be required to travel to various field locations.

* Must be able to lift, maneuver and carry material weighing up to 50 pounds.

* Service Area Requirement: Exempt (Non-Union) employees must live within the boundaries of the CTA Statutory Service Area either at the time of employment or within 6 months of beginning employment at CTA.

KNOWLEDGE, SKILLS, AND ABILITIES

* Strong problem-solver that can work autonomously and with others.

* Detailed knowledge of Windows, macOS, and Linux operating systems.

* Knowledge of file systems, processes, services/daemons.

* Knowledge of registry and system logs (especially Windows Event Viewer).

* Knowledge of permissions, file integrity, and OS hardening best practices.

* Knowledge of EDR, AV, MDM/UEM platforms.

* Understanding of scripting (PowerShell, Bash, Python).

* Detailed knowledge of Command Line Interface syntax and use.

* Knowledge of patch management tools (e.g., SCCM, Intune, WSUS).

* Awareness of endpoint vulnerabilities and hardening techniques.

* Familiarity with common vulnerabilities (CVEs, CVSS scores).

* Understanding MITRE ATT&CK framework as it applies to endpoints

* Awareness of NIST, ISO 27001, PCI-DSS, HIPAA, or similar frameworks.

* Knowledge of encryption technology, tools, and techniques.

* Understanding of TCP/IP, DNS, HTTP/S, VPNs, and how endpoints interact with networks.

* Knowledge of network security tools (e.g., firewalls, proxies) as they relate to endpoint communications

* Ability to maintain absolute confidentiality of sensitive files, data and materials accessed, discussed, or observed, and while adhering to security policies and procedures.

WORKING CONDITIONS

* General office environment.

* May be required to travel to various field locations.

* Subject to various weather conditions when traveling to and from work locations.

* Subject to normal garage, shop, and terminal hazards such as noise, dust, grease, moving vehicles, etc. when working in bus/rail workshops, garages, and terminals.

EQUIPMENT, TOOLS, AND MATERIALS UTILIZED

* Personal computer and related software as needed.

Additional Details Employees and/or union members will be given priority consideration in the hiring process, per the applicable labor contracts.

Final salary will be determined in part by the qualifications of the selected candidate and may be higher or lower than target.

Applicants, if hired,must comply with CTA's residency ordinance.

CTA IS AN EQUAL OPPORTUNITY EMPLOYER

No employee or applicant for employment will be discriminated against because of race, color, creed, religion, sex, marital status, national origin, sexual orientation, ancestry, age, unfavorable military discharge, disability or any other status protected by federal, state, or local laws; except where a bona fide occupational qualification exists We are committed to providing an inclusive environment for our workforce and supporting the communities we serve. CTA will make reasonable accommodations for the known disabilities of otherwise qualified applicants for employment as well as its employees, unless undue hardship would result. If you require an accommodation in the application or hiring process, please contact arc@transitchicago.com prior to the submission of your application or upon notification of your actual test date. CTA will work with you to determine if an accommodation can be provided.

During the hiring process, CTA's Human Resources department will contact candidates with next steps . Failure to respond to these correspondences in a timely fashion may result in your application being closed out for non-responsiveness.

Please click link below to review the benefits offered at the CTA.

https://www.transitchicago.com/hrbenefits/

Primary Location

: USA-Illinois-Chicago

Job

: Information Technology

Job Posting

: Dec 22, 2025, 3:00:49 PM

Position Type: Full-time Permanent (FTP)