Principal Cybersecurity – Endpoint Security Platform Engineer (Tanium + Endpoint Security Platforms + AI-Driven Operations)
Charlotte, North Carolina
Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won’t just imagine the future-you’ll create it.
Overview:
We are seeking a highly skilled Endpoint Security Platform Engineer to join our Cybersecurity team. This is a hands-on, deeply technical role responsible for deploying, operating, and optimizing endpoint security technologies at large global enterprise scale (tens of thousands of endpoints).
Initial focus: Lead the enterprise Tanium deployment, configuration, tuning, and operationalization across a global fleet.
Long-term scope: After Tanium is stabilized, the role expands to broader ownership of endpoint security platforms including EDR, Remote Access VPN, DLP, and proxy/web controls, with a strong emphasis on AI-assisted monitoring, analytics, triage, automation, risk scoring, trend analysis, and reporting to improve security outcomes and operational efficiency.
Key Roles & Responsibilities:
1) Tanium Engineering & Operations (Initial Primary Focus)
- Lead the deployment, configuration, tuning, and ongoing operations of Tanium across a large global endpoint fleet.
- Implement and optimize Tanium modules including Asset, Comply, Deploy, Threat Response, and Reveal, ensuring high availability, performance, and data quality.
- Own endpoint agent rollout strategy, upgrades, health monitoring, and troubleshooting at scale.
- Build and maintain custom content (e.g., sensors, packages, queries, dashboards) to support inventory, vulnerability identification, compliance, and incident response.
- Serve as the Tanium SME during security incidents, audits, and compliance initiatives.
2) Endpoint Security Platforms (Broader, Long-Term Scope)
- Deploy and manage endpoint security agents and controls for:
- Remote Access VPN (e.g., Palo Alto GlobalProtect)
- DLP (e.g., Microsoft Purview/Defender and Forcepoint)
- EDR (e.g., SentinelOne and/or Palo Alto Cortex XDR)
- Proxy / secure web access controls (endpoint agent and policy enforcement as applicable)
- Provide Tier-3 engineering support for endpoint security platforms, including root-cause analysis, performance tuning, policy/exclusion management, and vendor escalation.
- Participate in a weekly on-call support rotation for endpoint security platforms (Tanium, EDR, VPN, DLP, and proxy/web controls), responding to urgent incidents/outages, driving triage to resolution, and coordinating with internal teams and vendors as needed.
- Standardize global deployment patterns and endpoint security baselines to ensure consistent control coverage and user experience.
3) Integrations, Automation, and AI-Driven Security Operations
- Build and maintain integrations between Tanium and other enterprise security tools to improve automation, inventory, vulnerability identification, and threat response.
- Implement AI-assisted monitoring and analytics to improve signal-to-noise, accelerate detection/triage, and reduce manual effort, including:
- AI-assisted alert enrichment and triage (correlation, deduplication, prioritization)
- AI-driven risk scoring for endpoints/users based on posture, vulnerabilities, and behavioral signals
- Trend analysis (control coverage, agent health, patch/compliance drift, incident patterns)
- Automated reporting for operational health, compliance, and executive-level metrics
- Develop and maintain automation (APIs, scripting, orchestration) to support:
- Agent deployment/upgrade workflows
- Compliance checks and remediation
- Incident response actions (containment support, rapid scoping, targeted remediation)
- Continuous control validation and drift detection
4) Documentation, Runbooks, and Operational Excellence
- Maintain detailed runbooks, operational playbooks, and endpoint security baselines for global deployment consistency.
- Define and track KPIs (coverage, agent health, MTTR, compliance posture, vulnerability exposure) and produce recurring operational and risk reports.
- Partner with Security Operations, Infrastructure, and End-User Computing teams to align endpoint tooling with incident response, vulnerability management, and compliance workflows.
- Conduct root cause analysis for endpoint performance/telemetry issues and drive remediations through coordinated change management processes.
Required Qualifications:
- 5+ years in endpoint security or endpoint systems engineering within large enterprise environments.
- Hands-on experience deploying and operating endpoint security agent technologies such as EDR, DLP, and VPN (proxy/web controls experience a plus).
- Strong Tanium capability (deployment and operations) and ability to function as an SME during incidents/audits/compliance efforts.
- Demonstrated experience building integrations across security tools to improve automation and response.
- Experience using AI-assisted workflows in security operations (monitoring/analytics/triage/automation) and translating outputs into actionable engineering changes.
- Strong scripting/automation skills (e.g., PowerShell, Python, APIs) and comfort operating at scale across global fleets.
- Strong expertise in endpoint operating systems (Windows, Linux, Android, and iOS), including OS internals, security hardening, configuration management, and troubleshooting at enterprise scale.
- Ability to work effectively with distributed, cross-functional teams on security tool deployment and integration projects.
- Self-reliant, diligent follow-through on assigned tasks; able to operate well under pressure and urgent circumstances.
- Ability to produce clear technical documentation and operational reporting.
Preferred Qualifications:
- Tanium Certified Operator or Administrator.
- Deep experience with Tanium modules: Asset, Comply, Deploy, Threat Response, Reveal.
- Experience with Palo Alto GlobalProtect, Microsoft Purview/Defender + Forcepoint DLP, and SentinelOne / Cortex XDR.
- Experience implementing AI-driven capabilities such as:
- Endpoint/posture risk scoring models
- Automated trend and anomaly detection
- AI-assisted executive reporting and operational dashboards
- Experience designing endpoint security architecture and standardizing global deployment patterns.
- Security certifications such as CISSP, GIAC, or equivalent
What Success Looks Like
- Tanium is deployed and operating reliably at scale with strong coverage, performance, and actionable reporting.
- Endpoint security platforms (EDR/VPN/DLP/proxy) are operationally mature: consistent deployments, measurable health, and efficient Tier-3 support.
- The weekly on-call rotation runs smoothly with clear runbooks, fast triage, and measurable improvements in stability and MTTR.
- AI-assisted monitoring, analytics, triage, and automation measurably improve speed and quality of response, reduce manual workload, and enhance risk visibility through scoring, trends, and reporting.
Education/Experience: Bachelor’s degree (BS/BA) desired in Computer Science or Cybersecurity. 7+ years of related experience. Certification is required in some areas.
Supervisor:
No
Our Principal Cybersecurity earns between $155,000-$233,200 USD Annual, not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.
Joining our team comes with amazing perks and benefits:
- Medical/Dental/Vision coverage
- 401(k) plan
- Tuition reimbursement program
- Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
- Paid Parental Leave
- Paid Caregiver Leave
- Additional sick leave beyond what state and local law require may be available but is unprotected
- Adoption Reimbursement
- Disability Benefits (short term and long term)
- Life and Accidental Death Insurance
- Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
- Employee Assistance Programs (EAP)
- Extensive employee wellness programs
- Employee discounts up to 50% off on eligible AT&T mobility plans and accessories,
- AT&T internet (and fiber where available) and AT&T phone.
#LI-Onsite – Full-time office role-
Ready to join our team? Apply today.
Weekly Hours:
40Time Type:
RegularLocation:
Charlotte, North CarolinaSalary Range:
$155,400.00 - $233,200.00It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.
Job ID R-96515 Date posted 03/31/2026
Benefits
Your needs? Met. Your wants? Considered. Take a look at our comprehensive benefits.
- Paid Time Off
- Tuition Assistance
- Medical and dental plans
- Discounts
- Training & Development
Our hiring process
Apply Now
Confirm your qualifications align with the job requirements and submit your application.
Assessments
You may be required to complete one or more assessments, depending on the role.
Interview
Get ready to put your best foot forward! More than one interview may be necessary.
Conditional Job Offer
We’ll reach out to discuss a conditional job offer and the next steps to joining the team.
Background Check
Timing is important – complete the necessary actions to proceed with onboarding.
Welcome to the Team!
Congratulations! It’s time to experience #LifeAtATT.
Check your email (and SPAM) throughout the process for important messages and next steps.
Join our talent network
Didn’t find what you were looking for here? Sign up for our job alerts and get the latest AT&T news.