Windows Security Engineer

A Career with Point72's Global Information Security Team

Is this the next step in your career Find out if you are the right candidate by reading through the complete overview below.Our Global Information Security team's mission is to ensure the development, implementation, and management of a comprehensive program that effectively protects the confidentiality, integrity, and availability of Point72 information assets. Our team is comprised of security professionals with expertise in a diverse portfolio of security disciplines.What you'll doDesign and implement secure Windows Server and Active Directory architectures at scaleArchitect and maintain hybrid identity solutions integrating on-premise AD with EntraID (Azure AD) and OktaConfigure and manage AD delegation models following least privilege principlesImplement and maintain identity protection solutions (eg: Defender for Identity, CrowdStrike Identity Protection, Quest Active Roles, etc)Develop and enforce security standards for Windows Server deployments, including bare metal, VMware and public cloud (AWS, Azure, GCP)Collaborate with Endpoint Engineering teams to secure Windows endpoints using solutions including SCCM and InTuneConfiguration management for Windows Firewall and ASR rules across our endpoint estateHelp to monitor and mature our Windows patching and vulnerability management programPerform security assessments and audits of Windows infrastructureMonitor and respond to security incidents related to Windows infrastructureCollaborate with infrastructure and security teams on identity and access management initiativesWhat's requiredBachelor's degree in Computer Science, Information Security, or related field7+ years of experience in Windows Server administration and security with deep expertise in Active Directory, Group Policy, AzureAD/EntraID, ADFS, DFS, SMB/CIFS, IIS, SQL Server, Kerberos, LDAP, NTLM, DNS, WMI, LAPS, Bitlocker and related Microsoft Server technologiesExperience with all common versions of Windows Server (2012, 2016, 2019, 2022 & 2025) and Windows 10-11 desktop OSStrong general knowledge of core infrastructure (Networking, storage, virtualization/VMware, etc)Advanced knowledge of AD delegation models and associated best practicesExperience with identity protection platforms (Defender for Identity, CrowdStrike Identity Protection, etc.)Proficiency navigating and triaging Windows event logsFamiliarity with Centrify as means of integrating Linux with Active DirectoryFamiliarity with Quest Active Directory security products (eg: Active Roles)Proficiency with PowerShell requiredWe take care of our peopleWe invest in our people, their careers, their health, and their well-being. When you work here, we provide:Fully-paid health care benefitsGenerous parental and family leave policiesVolunteer opportunitiesSupport for employee-led affinity groups representing women, people of color and the LGBT+ communityMental and physical wellness programsTuition assistanceA 401(k) savings program with an employer match and moreAbout Point72Point72 Asset Management is a global firm led by Steven Cohen that invests in multiple asset classes and strategies worldwide. Resting on more than a quarter-century of investing experience, we seek to be the industry's premier asset manager through delivering superior risk-adjusted returns, adhering to the highest ethical standards, and offering the greatest opportunities to the industry's brightest talent. We're inventing the future of finance by revolutionizing how we develop our people and how we use data to shape our thinking. For more information, visitwww.Point72.com/working-here.

#J-18808-Ljbffr