EDR Architect + Pentest Lead

EDR Architect + Pentest Lead

Loc: San Jose, CA 

Rate: DOE

Duration: 12+ months

Client: Cadence Design Systems

Position Summary

We are seeking an experienced EDR Architect & Penetration Testing Lead to design, implement, optimize, and continuously improve our endpoint security strategy while conducting offensive security assessments to identify and validate security risks. This role will bridge defensive and offensive security functions, ensuring endpoint detection capabilities effectively detect, prevent, and respond to modern threats.

Key Responsibilities

EDR Architecture & Endpoint Security

Design, deploy, and maintain enterprise-scale EDR solutions. 
Develop endpoint security architecture, standards, and operational procedures. 
Configure and optimize detection rules, alerting logic, threat hunting workflows, and response playbooks. 
Integrate EDR platforms with SIEM, SOAR, vulnerability management, and incident response processes. 
Lead endpoint security assessments and architecture reviews. 
Evaluate and recommend endpoint security technologies and controls. 
Develop endpoint hardening standards across Windows, Linux, and macOS environments. 
Create metrics and reporting to measure EDR effectiveness and coverage. 
Penetration Testing & Offensive Security

Plan and execute internal and external penetration tests. 
Perform network, web application, cloud, and endpoint security assessments. 
Conduct red team exercises and adversary emulation activities. 
Validate security controls through simulated attack scenarios. 
Identify vulnerabilities, misconfigurations, and security gaps. 
Produce detailed technical reports with risk ratings and remediation recommendations. 
Partner with engineering and infrastructure teams to validate remediation efforts. 
Develop attack simulations to test EDR detections and response capabilities. 
Threat Detection & Security Engineering

Create custom detection content and threat-hunting methodologies. 
Map detections and attack simulations to the MITRE ATT&CK framework. 
Analyze emerging threats, attacker techniques, and security trends. 
Support incident response investigations and post-incident reviews. 
Develop automated detection and response workflows where appropriate. 
Governance & Leadership

Define endpoint security strategy and roadmap. 
Provide technical leadership for endpoint security initiatives. 
Mentor junior security analysts and engineers. 
Collaborate with infrastructure, cloud, and application teams on security architecture. 
Present findings and recommendations to technical and executive stakeholders. 
Required Qualifications

7+ years of cybersecurity experience. 
3+ years designing and managing enterprise EDR platforms. 
Hands-on penetration testing experience across multiple environments. 
Strong knowledge of: Windows security architecture 
Linux security 
Active Directory 
Cloud security (AWS, Azure, GCP) 
Network security 
Incident response 
Threat hunting 
Experience with one or more EDR platforms such as: CrowdStrike Falcon 
Microsoft Defender for Endpoint 
SentinelOne Singularity 
VMware Carbon Black 
Proficiency in scripting and automation (Python, PowerShell, Bash). 
Strong understanding of attack techniques, malware, and adversary behaviors. 
Preferred Qualifications

Experience conducting red team operations. 
Experience with cloud-native security platforms. 
Knowledge of detection engineering and purple teaming. 
Experience with security automation and SOAR technologies.

 Success Metrics

Improvement in endpoint visibility and detection coverage. 
Reduction in false positives and alert fatigue. 
Successful execution of penetration testing engagements. 
Increased detection rates for simulated attacks. 
Timely remediation of identified security weaknesses. 
Continuous improvement of endpoint security posture and threat detection capabilities.