IT Security Engineer

Remote Full-time
The CompanyCapital Markets Gateway LLC (CMG) is a capital markets-focused fintech transforming global equity capital markets (ECM) through data, technology, and connectivity. As the preferred source for ECM analytics and the first network connecting the buy-side and sell-side for ECM workflows, we are committed to reshaping how capital markets operate. Founded in 2017 by a team of ECM practitioners, CMG has completed three successful fundraising rounds and is backed by a group of the world’s most prestigious financial institutions. The CMG platform is currently relied upon by nearly 150 buy-side firms representing $40 trillion in AUM and 22 global investment banks. For more information, please visit www.cmgx.io. The RoleWe’re seeking an experienced and automation-driven IT Security Engineer to lead endpoint security, patching, and compliance across a globally distributed fleet of macOS, Windows, and mobile devices. In this hands-on role, you’ll architect and maintain secure-by-default baselines using modern MDM tooling (Intune, Kandji), enforce identity-first access via Entra ID, and drive proactive detection and remediation using scripting, telemetry, and Microsoft’s security stack. Responsibilities Administer and secure endpoints (macOS, Windows, mobile) via Intune, Kandji; enable zero-touch enrollment (Autopilot/ADE). Serve as an escalation for endpoint issues impacting security, patching, and configuration. Implement identity workflows (SSO, SCIM, RBAC, group lifecycle, access reviews) in Microsoft Entra ID. Lead automated patch management for OS and third-party apps; define rings, deferrals, SLAs, and rollout/rollback playbooks. Author automation in PowerShell (Windows) and Bash/Zsh (macOS) for remediation, compliance, and telemetry. Integrate with the Microsoft security stack (Defender for Endpoint, Microsoft 365 Defender, Purview); tune policies, respond to alerts, and improve posture. Co-define baselines with Security (CIS/NIST hardening, device compliance) and enforce via MDM. Monitor device health in Endpoint Manager; investigate anomalies and drive root cause. Support secure networking controls (firewall/proxy) as needed for endpoint updates and access. Document policies, scripts, runbooks, and patch procedures; keep them current. What We're Looking For5+ years managing macOS and Windows in an enterprise environment. Deep, hands-on experience with at least one MDM: Intune, Jamf, Kandji. Strong scripting: PowerShell (Windows) and Bash/Zsh (macOS). Expert in patch management (OS + third-party), deployment rings, and compliance reporting. Working knowledge of Microsoft 365 security: Defender for Endpoint, Microsoft 365 Defender O365 threat policies (Anti-phish, Anti-spam, Safe Links, Safe Attachments) Exchange Online security/compliance settings. Familiar with Conditional Access, device compliance, and certificate/secure storage (BitLocker/FileVault). Excellent cross-functional collaboration and written/verbal communication; ability to simplify complex problems. Comfortable with CLI tooling and automation for policy deployment and monitoring. Nice to Have Experience with compliance automation (CIS Benchmarks, custom compliance policies). Exposure to modern auth/device trust (Entra ID, device-based Conditional Access). Familiarity with EDR platforms (e.g., Defender). Experience supporting a globally distributed user/device base. Python for light tooling; Git-based workflows for scripts/profiles. Our Tech Stack Microsoft Intune / Endpoint Manager Kandji Microsoft Defender for Endpoint / Microsoft 365 Defender PowerShell, Bash (Python optional) Azure AD / Entra ID Security endpoint tools (firewall/proxy) Exchange Online & M365 Security & Compliance CenterOur ValuesWe innovate with purposeWe focus on outcomes vs. outputWe believe diverse and inclusive teams fuel innovationWe are humble yet candidWe do right by the customerWhat We Offer2 year+ contract15 business days of vacationTech courses and conferencesTop-of-the-line MacBookFully remote working environmentFlexible working hoursCMG embraces our ongoing commitment to building a culture reflecting the people, perspectives, and passions it represents. We will accept nothing less than equity, inclusion, and belonging for all. With the only constant in life being change, we will always listen, learn, and improve for the betterment of our teams, customers, and communities. CMG is proud to be an Equal Opportunity Employer. Originally posted on Himalayas

Apply Now
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Commercial Auto Physical Damage Appraiser - Remote

Remote

Apply Now: Work From Home for 15 Year Olds: Flexible Teen Job

Remote

Remote Live Chat and Email Support at Serraniagua Corporation New York, NY

Remote

Allegiant Airlines Work From Home Opportunity – Opinion Sharing & Data Entry | Join Our Remote Team

Remote

Assembly Technician (3rd Shift)

Remote

Remote Investment Banking Specialist ($100/hr) - 42463

Remote

Project Coordinator

Remote

Experienced Data Entry Specialist and Focus Group Panelist – Remote Part-Time Opportunity to Earn Up to $750 per Week from Home

Remote

Join Today: Starbucks Jobs Seattle WA, Careers In Starbucks

Remote

**Experienced Data Entry Specialist – Remote Work Opportunity at arenaflex**

Remote
← Back