Endpoint Security Analyst
Date Position is Open
7/17/2026
Work Schedule
Full-Time
Salary Ranges
$51,520 - $73,872
FLSA Status
Exempt
Job Title: Endpoint Security Analyst
Work Schedule: Full time, 40 hours per week. Must be availability to work nights, weekends, and off hours as needed.
(The standard work week is Monday through Friday, 8:00 AM to 5:00 PM. Exempt professionals, are expected to maintain a flexible schedule to ensure all responsibilities and collegiate needs are met, including occasional work outside of core business hours.)
FLSA Status: Exempt
Summary
The Endpoint Security Analyst is responsible for the security, integrity, and operational health of the institution’s end-user computing environment. This includes the engineering and management of security controls for workstations (PC/Mac), mobile devices, and networked peripherals such as printers. The position works closely with the IT Support team to uphold academic productivity while maintaining a robust defense against evolving threats.
Reports to Assistant Director of Network and Security.
Essential Duties and Responsibilities
- Endpoint Protection Management: Administer and optimize Endpoint Detection and Response (EDR) and Next-Generation Antivirus (NGAV) solutions across all college-owned end-user
- Device Lifecycle Security: Implement and maintain secure configuration baselines (e.g., CIS Benchmarks) for workstations and mobile devices using unified endpoint management (UEM) tools like Jamf, SCCM, and
- Workstation Management: Maintain standardized configurations for classroom and administrative workstations to ensure a consistent experience and prevent unauthorized persistent changes to software and
- Vulnerability & Patch Management: Identify, prioritize, and automate the remediation of vulnerabilities on end-user hardware, including third-party application patching and firmware updates for networked printers, end-user workstations (Mac/PC), mobile devices, and other end user
- Secure Process Best Practices: Implement and advocate for secure workflows, such as Follow-Me or authenticated release printing, to prevent sensitive information exposure, reduce waste, and create
- General Print Administration & Support: Provide high-level support for the college’s networked printing environment, ensuring high availability of services while managing driver deployment and printer configuration via centralized management
- Print Infrastructure Security: Secure the printing environment by hardening device firmware, disabling insecure protocols (e.g., Telnet, FTP), and ensuring all print traffic is encrypted across the campus
- Incident Triage: Serve as the primary security escalation point for the IT Support desk, investigating alerts from endpoint sensors and performing initial forensic analysis of potentially compromised
- Security Automation: Develop scripts (PowerShell, Bash, or Python) to automate routine security audits and the deployment of security agents across the
- Compliance & Reporting: Monitor and report on endpoint compliance with federal and state regulations (e.g., FERPA, GLBA) and institutional security
- Maintains and updates an operational manual.
- Performs other duties/special projects as
Qualifications:
Required
Education
- High school diploma/or equivalent
and
- ComptIA Security+, CySA+ or related cybersecurity certification. If not in possession, must acquire within first 6 months of employment.
Certifications
- Act 153 Clearances (Act 34 PA Criminal Background, Act 151 PA Child Abuse History, Act 114 FBI Clearance Fingerprinting)
Work Experience
- 3-5 years of experience in IT support or systems administration with a heavy focus on endpoint security and device management.
Knowledge, Skills, Abilities
- In-depth knowledge of Windows, macOS, iOS, and Android security
- Experience with Unified Endpoint Management (UEM) and Mobile Device Management (MDM)
- Proficiency in scripting for automation (e.g., PowerShell or Python) to manage large-scale device
- Knowledge of common attack vectors targeting end-users, such as phishing, credential theft, and drive-by
- Ability to communicate complex technical security concepts to non-technical faculty, staff, and
- Demonstrated ability to create clear, concise, and comprehensive technical documentation for both technical and non-technical audiences.
- Strong written communication skills with the ability to develop and maintain accurate technical documentation for diverse audiences.
Preferred
- Bachelor’s degree in Cybersecurity, Information Technology, or a related field from an accredited institution.
- Experience in a Higher Education environment, particularly within a community college setting.
- Current certifications such as CompTIA Security+, CySA+, or vendor-specific certifications (e.g., Microsoft 365 Certified: Endpoint Administrator Associate).
Physical Demands
While performing the duties of this job, the employee is frequently required to stand; walk; sit; use hands to handle or feel; reach with hands and arms; talk and hear. The employee may regularly lift and/or move up to 25 pounds and occasionally lift and/or move up to 50 pounds. Specific vision abilities required by this job include close vision and distance vision.
Work Environment
The noise level in the work environment is usually quiet to moderate. This position will be required to work evening and weekend hours as needed.