SRM Technologies is seeking an experienced Security & Endpoint Engineer Contractor to support strategic security initiatives across Dropbox’s endpoint environment. The role focuses on implementing enterprise-wide browser and extension security controls and partnering with various teams to enhance security posture and reduce client-side risk.
Responsibilities:
- Evaluate and perform proof-of-concept testing for browser extension security platforms
- Assess browser extensions, developer plugins, and AI-enabled tools for security and compliance risk
- Define extension governance, approval workflows, and allowlisting processes
- Implement monitoring, reporting, and visibility capabilities
- Support enforcement controls to prevent unauthorized extension usage and reduce data exfiltration risk
- Develop operational processes, documentation, and support models for ongoing management
- Support enterprise endpoint security initiatives across macOS, Windows & Linux
- Implement and maintain endpoint security controls and hardening standards
- Assist with vulnerability remediation and endpoint compliance activities
- Support Zero Trust and device trust initiatives
- Partner with endpoint engineering teams to balance security requirements with user experience
- Support implementation and operational management of PAM solutions such as Delinea
- Assist with privileged account governance, access reviews, and least-privilege initiatives
- Partner with Security and Identity teams to strengthen administrative access controls
- Participate in security assessments, audits, and compliance programs
- Produce operational documentation, runbooks, and implementation guides
- Track remediation activities, risk exceptions, and security metrics
- Support audit readiness and evidence collection activities
- Develop automation and scripts to improve security operations and reduce manual effort
- Integrate security tools with enterprise platforms and workflows
- Build dashboards and reporting capabilities to improve visibility and operational effectiveness
- Work closely with Security, CorpFleet, Infrastructure, and Identity teams
- Participate in vendor evaluations, proof-of-concepts, and implementation planning
- Present technical recommendations, findings, and project status updates to stakeholders
Requirements:
- 5–8 years of experience in Security Engineering, Endpoint Engineering, Systems Engineering, or a related field
- Strong understanding of endpoint security principles and enterprise device management
- Experience supporting macOS and Windows environments at scale
- Experience with browser security, extension governance, and endpoint security tooling
- Experience with endpoint management tools such as Jamf, Intune, FleetDM, or similar
- Understanding of Zero Trust security principles and least-privilege access models
- Strong scripting skills using Python, PowerShell, Bash, or similar technologies
- Excellent troubleshooting, analytical, and problem-solving skills
- Strong written and verbal communication skills
- Experience with browser extension security platforms such as KOI Security, LayerX, SQRX, or similar solutions
- Experience with Privileged Access Management platforms such as Delinea, CyberArk, or BeyondTrust
- Experience with endpoint security platforms such as CrowdStrike, Microsoft Defender, or SentinelOne
- Familiarity with enterprise security technologies including Okta, Zscaler, and Microsoft Security solutions
- Experience supporting SOC 2, ISO 27001, NIST, or similar security frameworks
- Understanding of AI security risks, browser-based AI tools, and governance controls