EUC Security Solution Architect

Taking the lead in shaping secure end-user computing environments aligned with CIS controls in a dynamic retail landscape. Working on impactful, large-scale security transformation projects that enhance customer trust and business resilience. Leveraging cutting-edge security technologies and collaborating with experts to deliver innovative, enterprise-level solutions.

The Role This role as an End User Compute Security Architect will play a key part in strengthening security controls aligned with CIS standards within the retail industry. It involves contributing to enterprise security initiatives, enhancing data protection and endpoint security and supporting large-scale projects impacting customer-facing systems. The role offers exposure to complex retail environments, collaboration with cross-functional teams and access to modern security tools and cutting-edge technologies to design and implement robust security solutions.

Your responsibilities:

• Design and shape secure EUC (end-user computing) solutions across laptops, desktops, VDI and mobile devices (android and iOS) using tools like Intune and MECM.
• Put strong endpoint protection in place using EDR/XDR tools such as CrowdStrike and Microsoft Defender to detect and respond to threats.
• Make sure all devices meet security standards by enforcing compliance, policies and configurations through MDM and Intune.
• Protect sensitive data on endpoints using encryption (BitLocker), Microsoft Purview and DLP controls.
• Work closely with identity teams to implement secure access using Conditional Access, Zero Trust principles and tools like Zscaler.
• Keep track of vulnerabilities and risks using EPSS and CISA KEV and ensure timely remediation across endpoints.
• Set up monitoring and alerting using tools like Microsoft Sentinel and Defender to quickly identify and respond to security incidents.
• Collaborate with cloud and security teams to improve visibility and risk posture using platforms like WiZ.
• Manage the full lifecycle of devices—from onboarding and patching to secure decommissioning—using MECM and Intune.
• Provide technical guidance to teams and stakeholders, ensuring the EUC environment stays secure, compliant and aligned with best practices.

Strong experience in implementing and working with CIS Controls v8.1

Your Profile Strong experience working with CIS Controls v8.1 and implementing security best practices. Proven expertise in end-user computing (EUC) security architecture across enterprise environments. Hands-on experience with endpoint security tools such as CrowdStrike, Microsoft Defender and other EDR/XDR solutions. Deep knowledge of device management and compliance using Intune, Workspace ONE, SCCM and MDM/MAM solutions. Solid understanding of identity and access management, including MFA, Conditional Access and Zero Trust principles. Experience implementing data protection controls like BitLocker, DLP and Microsoft Purview. Strong knowledge of vulnerability management using EPSS, CISA KEV and remediation strategies. Experience with security monitoring and SIEM tools such as Microsoft Sentinel. Ability to design and implement secure endpoint configurations, patching and lifecycle management. Excellent stakeholder engagement skills with the ability to provide technical leadership and security guidance.

Desirable skills/knowledge/experience: Good understanding of mapping EUC security capabilities to CIS Controls v8.1 Experience in implementing Zero Trust architecture within end-user environments. Familiarity with advanced threat protection and threat intelligence integration across endpoints. Working knowledge of security frameworks such as NIST, ISO 27001 alongside CIS Controls. Understanding of secure software and application control policies on endpoints. Experience in audit, compliance reporting and risk management aligned with enterprise security programs. Experience in automation. Ability to evaluate and onboard emerging security tools and technologies to strengthen CIS control coverage.