Antivirus Engineer

Antivirus Engineer

A Fortune 50 financial services company is seeking a highly motivated Antivirus Engineer for our client in the McLean, Virginia area.

Overview:

• We are seeking an experienced Antivirus Engineer to support enterprise endpoint security operations, with a focus on Microsoft Defender, policy configuration, troubleshooting, and telemetry validation across large-scale environments.


• This role partners with engineering, cybersecurity, and operations teams to ensure optimal endpoint performance, strong security posture, and adherence to governance standards.

Responsibilities:

• Defender Performance Troubleshooting


• Diagnose and resolve complex performance issues related to Microsoft Defender.


• Review and interpret Client Analyzer logs.


• Perform root cause analysis using tools such as ProcMon, MpPerformanceRecording, and similar utilities.


• Recommend tuning and optimization strategies to minimize Defender's resource impact.

• Policy Configuration & Deployment


• Configure and deploy security policies using Intune, MECM, and Ansible


• Develop and execute testing methodologies for deployment and policy validation


• Produce documentation and follow established enterprise engineering and change-control processes

• Network & Telemetry Troubleshooting


• Conduct network diagnostics including firewall rule evaluation and packet/traffic analysis.


• Use Splunk queries to validate network traffic, telemetry flow, and endpoint behavior.


• Identify and remediate telemetry gaps or inconsistencies across endpoints.

• 
  

  Compliance & Governance

  
  Review, validate, and maintain security exclusions between test and production environments.


• Ensure all security configurations adhere to enterprise, regulatory, and audit requirements.

• 
  

  Microsoft Security Stack Expertise

  
  


• 
  

  Hands-on experience with:

  
  Microsoft Defender for Endpoint (MDE).


• Microsoft Sentinel.


• Azure Security Center / Defender for Cloud.


• Ability to write and interpret KQL advanced hunting queries.

• 
  

  Security Posture & Risk Assessment

  
  


• 
  
  
  Conduct assessments of current security posture and recommend improvements.


• Review penetration test findings and propose remediation strategies.

• 
  

  Soft Skills

  
  


• Strong analytical, troubleshooting, and problem-solving abilities.


• Effective communication skills with the ability to collaborate across technical and non-technical teams.

Qualifications:

• 8 years of experience in endpoint security engineering, antivirus operations, or security tooling administration.


• Expertise in Microsoft Defender troubleshooting, tuning, and performance analysis.


• Strong experience with Intune, MECM, and Ansible for configuration and deployment.


• Proficiency in KQL, telemetry validation, and log analysis across security products.


• Hands-on experience with Microsoft security tools (MDE, Sentinel, Defender for Cloud).


• Strong understanding of enterprise security, compliance, and governance standards.


• Familiarity with network diagnostics, firewall evaluations, and Splunk searches.

Desired:

• Experience in large enterprise or financial services environments.


• Experience participating in incident response, threat hunting, or red team remediation.


• Knowledge of secure configuration baselines and endpoint hardening frameworks.