Your Role & Responsibilities
Job Summary
We are looking for a Security Engineer to join our team and take ownership of EDR management, threat hunting, exception management, platform administration, incident response, and security hardening. You will work primarily with FortiEDR and Windows Defender, ensuring our endpoint security solutions are effectively deployed, managed, and optimized while proactively enhancing the organization’s security posture.

Job Description

• Configure, monitor, and maintain FortiEDR and Windows Defender for Endpoint to ensure optimal protection.
• Troubleshoot and resolve EDR-related issues, ensuring seamless endpoint security.
• Regularly update policies, rules, and signatures to align with evolving threats.
• Proactively hunt for threats across endpoints using FortiEDR and Defender’s telemetry.
• Investigate security alerts, correlate data, and determine the root cause of incidents.
• Work with security analysts to contain, mitigate, and remediate threats efficiently.
• Conduct forensic analysis on compromised systems and prepare detailed reports.
• Evaluate and manage security exceptions, ensuring business continuity without compromising security.
• Work with stakeholders to fine-tune security policies and rules based on operational needs.
• Maintain and enhance FortiEDR and Defender’s integration with SIEM and other security tools.
• Monitor system performance, logs, and alerts to improve efficiency and detection capabilities.
• Collaborate with IT teams to ensure security policies do not impact productivity.
• Implement and enforce security hardening measures across endpoints and infrastructure.
• Provide hardening recommendations for Windows endpoints, servers, and cloud environments.
• Review and enhance system configurations based on CIS Benchmarks, Microsoft Security Baselines, and Fortinet best practices.
• Conduct vulnerability assessments and work with IT teams to remediate identified weaknesses.
• Regularly assess PowerShell execution policies, GPOs, firewall rules, and endpoint controls for better security.
• Ensure endpoint security solutions comply with internal policies and regulatory requirements.
• Provide periodic reports on threat trends, response metrics, and security improvements.

Your Profile

Education and Experience:

• Relevant certifications (e.g., Fortinet NSE, Microsoft Security certifications, GCFA).
• Experience in SOC operations, security monitoring, or blue teaming.
• Understanding of MITRE ATT&CK, malware analysis, and threat intelligence.
• Hands-on experience with FortiEDR and Windows Defender for Endpoint.
• Expert in KQL and Lucene query language.
• Strong threat hunting, incident investigation, and forensic analysis skills.
• Familiarity with SIEM solutions, EDR logs, and malware analysis tools.
• Experience in system hardening and security best practices for Windows environments.
• Good understanding of Windows security, Active Directory, Group Policy, and endpoint protection.
• Analytical and detail-oriented mindset.
• Strong problem-solving skills in high-pressure situations.
• Ability to communicate security findings clearly to technical and non-technical teams.
• Team player with a proactive approach to security challenges.

Our Offer

• We aim to create an environment where the best people want to work, where they can turn their passion into their job and realize their full potential.
• Individual development, on-the-job training, and development programs designed to help our employees grow in their careers.
• Paid parental leave
• Education assistance program
• Employee assistance program
• Various healthcare plan options as well as 401(k)

Interested?
We look forward receiving your application.
Brenntag and its subsidiary companies will provide equal employment opportunities to all applicants without regard to any category protected by federal, state or local law, including as applicable, applicant’s actual or perceived race, color, religion, creed, sex, sexual orientation, gender identity or expression (including transgender status), gender (including pregnancy, childbirth, lactation and related medical condition), genetic information, military service, national origin, ancestry, citizenship status, age, veteran status, physical or mental disability, protected medical condition as defined by applicable federal, state or local law, political affiliation, marital status, membership in an employee organization, parental status, expunged juvenile record, or any other status protected by federal, state, or local law. Brenntag will provide reasonable accommodations to allow an applicant to participate in the hiring process (e.g., accommodations for a test or job interview) if so requested. When completing this application, you may exclude information that would disclose or otherwise reference your race, religion, age, sex, genetic, veteran status, disability or any other status protected by federal, state, or local law. This application is considered current for sixty (60) days only. At the end of this period, if you are still interested in employment, it will be necessary for you to reapply by completing a new application.
If you are a qualified individual with a disability or a disabled veteran, you may request a reasonable accommodation if you are unable or limited in your ability to access job openings or apply for a job on this site as a result of your disability. You can request reasonable accommodations by contacting Human Resources at accommodations@brenntag.com (phone, tty, fax, email, etc.).
Brenntag North America, Inc. and its subsidiaries use E-Verify, a government-run, web-based system that allows employers to confirm the eligibility of their employees to work in the United States. For more information, please go to
https://www.e-verify.gov/employee
or view the poster at
https://e-verify.uscis.gov/web/media/resourcesContents/E-VerifyParticipationPoster.pdf
.
Brenntag TA Tea

Please refer the Job description for details