Security & Endpoint Engineer

Auto Import

<p>This is a remote position.</p> <div> Security & Endpoint Engineer (5–8 Years)<br> </div> <div><br> </div> <div> Role Overview<br> </div> <div> We are seeking an experienced Security & Endpoint Engineer Contractor to support strategic<br> </div> <div> security initiatives across Dropbox’s endpoint environment.<br> </div> <div> <br> </div> <div> This role will initially focus on implementing enterprise-wide browser and extension security<br> </div> <div> controls, including visibility, governance, allowlisting, risk assessment, and enforcement<br> </div> <div> capabilities for browser extensions, developer plugins, and AI-enabled tools.<br> </div> <div> <br> </div> <div> The contractor will partner closely with Security, CorpFleet, Identity, and Infrastructure teams to<br> </div> <div> evaluate, deploy, and operationalize security tooling that reduces client-side risk and<br> </div> <div> strengthens Dropbox’s security posture.<br> </div> <div> <br> </div> <div> Initial Project Focus<br> </div> <div> <br> </div> <div> Client-Side Extension Security & Execution Control<br> </div> <div> <br> </div> <div> Key responsibilities include:<br> </div> <div> ● Evaluate and perform proof-of-concept testing for browser extension security platforms.<br> </div> <div> ● Assess browser extensions, developer plugins, and AI-enabled tools for security and<br> </div> <div> compliance risk.<br> </div> <div> ● Define extension governance, approval workflows, and allowlisting processes.<br> </div> <div> ● Implement monitoring, reporting, and visibility capabilities.<br> </div> <div> ● Support enforcement controls to prevent unauthorized extension usage and reduce data<br> </div> <div> exfiltration risk.<br> </div> <div> ● Develop operational processes, documentation, and support models for ongoing<br> </div> <div> management.<br> </div> <div> Following the initial project, the contractor will support additional security initiatives across<br> </div> <div> endpoint management, Privileged Access Management (PAM), device hardening, endpoint<br> </div> <div> compliance, and Zero Trust programs.<br> </div> <div> <br> </div> <div> Key Responsibilities<br> </div> <div> Endpoint Security & Hardening<br> </div> <div> ● Support enterprise endpoint security initiatives across macOS, Windows & Linux<br> </div> <div> ● Implement and maintain endpoint security controls and hardening standards.<br> </div> <div> ● Assist with vulnerability remediation and endpoint compliance activities.<br> </div> <div> ● Support Zero Trust and device trust initiatives.<br> </div> <div> ● Partner with endpoint engineering teams to balance security requirements with user<br> </div> <div> experience.<br> </div> <div> Privileged Access Management<br> </div> <div> ● Support implementation and operational management of PAM solutions such as Delinea.<br> </div> <div> ● Assist with privileged account governance, access reviews, and least-privilege initiatives.<br> </div> <div> ● Partner with Security and Identity teams to strengthen administrative access controls.<br> </div> <div> Security Operations & Compliance<br> </div> <div> ● Participate in security assessments, audits, and compliance programs.<br> </div> <div> ● Produce operational documentation, runbooks, and implementation guides.<br> </div> <div> ● Track remediation activities, risk exceptions, and security metrics.<br> </div> <div> ● Support audit readiness and evidence collection activities.<br> </div> <div> Automation & Tooling<br> </div> <div> ● Develop automation and scripts to improve security operations and reduce manual effort.<br> </div> <div> ● Integrate security tools with enterprise platforms and workflows.<br> </div> <div> ● Build dashboards and reporting capabilities to improve visibility and operational<br> </div> <div> effectiveness.<br> </div> <div> Cross-Functional Collaboration<br> </div> <div> ● Work closely with Security, CorpFleet, Infrastructure, and Identity teams.<br> </div> <div> ● Participate in vendor evaluations, proof-of-concepts, and implementation planning.<br> </div> <div> ● Present technical recommendations, findings, and project status updates to<br> </div> <div> stakeholders.<br> </div> <div> <br> </div> <div> Required Skills & Experience<br> </div> <div> ● 5–8 years of experience in Security Engineering, Endpoint Engineering, Systems<br> </div> <div> Engineering, or a related field.<br> </div> <div> ● Strong understanding of endpoint security principles and enterprise device management.<br> </div> <div> ● Experience supporting macOS and Windows environments at scale.<br> </div> <div> ● Experience with browser security, extension governance, and endpoint security tooling.<br> </div> <div> ● Experience with endpoint management tools such as Jamf, Intune, FleetDM, or similar <br> </div> <div> ● Understanding of Zero Trust security principles and least-privilege access models.<br> </div> <div> ● Strong scripting skills using Python, PowerShell, Bash, or similar technologies.<br> </div> <div> ● Excellent troubleshooting, analytical, and problem-solving skills.<br> </div> <div> ● Strong written and verbal communication skills.<br> </div> <div> Preferred Qualifications<br> </div> <div> ● Experience with browser extension security platforms such as KOI Security, LayerX,<br> </div> <div> SQRX, or similar solutions.<br> </div> <div> ● Experience with Privileged Access Management platforms such as Delinea, CyberArk, or<br> </div> <div> BeyondTrust.<br> </div> <div> ● Experience with endpoint security platforms such as CrowdStrike, Microsoft Defender, or<br> </div> <div> SentinelOne.<br> </div> <div> ● Familiarity with enterprise security technologies including Okta, Zscaler, and Microsoft<br> </div> <div> Security solutions.<br> </div> <div> ● Experience supporting SOC 2, ISO 27001, NIST, or similar security frameworks.<br> </div> <div> ● Understanding of AI security risks, browser-based AI tools, and governance controls.<br> </div> <div> Success Measures During the initial engagement, success will be measured by<br> </div> <div> ● Successful evaluation and recommendation of browser extension security tooling.<br> </div> <div> ● Deployment and operationalization of approved extension security controls.<br> </div> <div> ● Improved visibility into browser extension usage across the environment.<br> </div> <div> ● Implementation of governance, allowlisting, and enforcement processes.<br> </div> <div> ● Contribution to broader endpoint security and PAM initiatives.<br> </div> <div> ● Creation of sustainable documentation, runbooks, and operational procedures.<br> </div><br>

Back to blog