Senior Endpoint Security Engineer

Clover Health

💵 $130k-$165k
📍 Remote - United States

Summary

Join our Information Security team as a Senior Endpoint Security Engineer to manage and enhance endpoint and perimeter defenses using SentinelOne EDR/XDR, Cloudflare WAF, and our SIEM solution. Collaborate with IT, Compliance, and Application Owners to ensure robust security controls and threat response in a healthcare environment. Key responsibilities include managing SentinelOne, administering Cloudflare WAF, optimizing SIEM integrations, designing custom detection rules, monitoring alerts, conducting investigations, and creating post-incident reports. You will also work on endpoint hardening, support audits, assist with secure application delivery, and proactively enhance detection logic. This role requires 5+ years of experience in detection engineering or endpoint security, hands-on experience with specified platforms, and strong knowledge of security architecture and threat detection. We offer competitive salary, equity, performance-based bonuses, 401k matching, comprehensive benefits, flexible time-off, remote-first culture, and professional development opportunities.

Requirements

  • You have 5+ years in a detection engineering, cyber defense, or endpoint security engineering role, or equivalent experience
  • You have deep hands-on experience with EDR/XDR tools (SentinelOne preferred), Cloudflare, and SIEM platforms
  • You have strong knowledge of endpoint security architecture, WAF rulesets, log correlation, and threat detection methodologies
  • You have experience in incident response, digital forensics, and technical reporting
  • You are familiar with regulatory and compliance frameworks (HIPAA, HITRUST, NIST)

Responsibilities

  • Own and maintain the configuration and lifecycle management of the SentinelOne EDR/XDR platform across all endpoints
  • Administer and tune policies in Cloudflare WAF to protect external-facing applications from OWASP Top 10 threats and targeted attacks
  • Manage and optimize SIEM platform integrations, log sources, parsing rules, alert logic, and storage
  • Design and implement custom detection rules, behavioral policies, and threat intelligence feeds for SentinelOne and SIEM
  • Monitor and triage real-time alerts from EDR/XDR, WAF, and SIEM
  • Coordinate with IT and application owners to validate findings, assess impact, and drive containment or mitigation activities
  • Conduct detailed investigations of valid security events and incidents using forensic and log analysis techniques
  • Draft and deliver post-incident reports, including timeline of events, root cause analysis, containment/remediation steps, and lessons learned
  • Work closely with IT Systems Engineering on endpoint hardening, policy enforcement (GPO/MDM), and software deployment strategy
  • Partner with GRC to support audit readiness and maintain alignment with HIPAA, HITRUST, and NIST CSF requirements
  • Support DevOps and business teams in secure application delivery and infrastructure security reviews
  • Proactively enhance detection logic and reduce false positives through continuous tuning
  • Develop automated workflows and playbooks to streamline response using SOAR or scripting where applicable
  • Assist in the development of security standards, SOPs, and hardening guides within the Endpoint Security area of ownership

Preferred Qualifications

  • You are proficient in scripting (e.g., Python, PowerShell) for automation (highly desirable)
  • You have relevant certifications (e.g., GCED, GCIH, CEH, or vendor-specific)

Benefits

  • Our commitment to attracting and retaining top talent begins with a competitive base salary and equity opportunities
  • Additionally, we offer a performance-based bonus program, 401k matching, and regular compensation reviews to recognize and reward exceptional contributions
  • We prioritize the health and well-being of our employees and their families by providing comprehensive medical, dental, and vision coverage
  • We understand the importance of mental health in fostering productivity and maintaining work-life balance
  • To support this, we offer initiatives such as No-Meeting Fridays, monthly company holidays, access to mental health resources, and a generous flexible time-off policy
  • Additionally, we embrace a remote-first culture that supports collaboration and flexibility, allowing our team members to thrive from any location
  • Developing internal talent is a priority for Clover
  • We offer learning programs, mentorship, professional development funding, and regular performance feedback and reviews
  • Employee Stock Purchase Plan (ESPP) offering discounted equity opportunities
  • Reimbursement for office setup expenses
  • Monthly cell phone & internet stipend
  • Remote-first culture, enabling collaboration with global teams
  • Paid parental leave for all new parents
