Senior Antivirus Engineer (McAfee)

Help AG looking for an experienced Senior Antivirus Engineer to join our Cybersecurity team. The ideal candidate will have hands-on expertise in implementing and supporting endpoint security solutions. This role involves ensuring robust endpoint protection across enterprise environments, handling escalations, optimizing policies, and supporting continuous improvement of antivirus infrastructure.

Requirements

Responsibilities

• Implement, configure, and maintain enterprise-level antivirus and EDR solutions: Microsoft Defender for Endpoint, CrowdStrike, and McAfee ePO.

• Perform daily monitoring and health checks of endpoint security tools and agents.

• Manage antivirus policies, exclusions, updates, and deployments across all endpoints.

• Investigate and respond to malware alerts and endpoint security incidents in coordination with the SOC and incident response teams.

• Drive patch management, version upgrades, and integration with SIEM/SOAR platforms.

• Provide Tier support for complex or escalated endpoint protection issues.

• Maintain documentation, playbooks, and support compliance reporting and audits.

• Support endpoint security audits, internal assessments, and ensure alignment with compliance frameworks such as ISO 27001, NIST, and GDPR.

• Collaborate with IT and InfoSec teams on vulnerability management, patching strategies, and endpoint hardening.

• Monitor threat intelligence feeds to stay updated on evolving attack techniques and apply relevant indicators to endpoint detection rules.

• Assist in evaluating new endpoint security tools, conduct POCs, and recommend enhancements based on threat trends and environment needs.

• Participate in incident response simulations, tabletop exercises, and contribute to improving overall cyber readiness.

• Support efforts related to data loss prevention (DLP) and device control enforcement across endpoints.

• Work closely with infrastructure teams to ensure secure configurations for newly provisioned devices and systems.

Qualifications & Skills:

• Bachelor’s or Master’s degree in Computer Science, Information Technology, or a related technical field.

• 6–10 years of hands-on experience in endpoint protection, antivirus engineering, and EDR implementation/support.

• Proven expertise in deploying, managing, and optimizing:

  o Microsoft Defender for Endpoint

  o CrowdStrike Falcon EDR

  o McAfee ePolicy (ePO) and its associated modules.

• Strong understanding of malware classification, threat vectors, heuristic detection, and signature-based scanning.

• Hands-on experience in analyzing Indicators of Compromise (IOCs) and leveraging endpoint telemetry for threat hunting and incident response.

• Experience in enterprise-scale environments, including:

• Windows-based infrastructure (servers & endpoints)

• Exposure to Linux and macOS endpoint security is a plus.

• Familiarity with EDR event analysis, process tree correlation, and threat actor behavior patterns.

• Proficiency in PowerShell, Python, or other scripting languages for task automation and custom integrations.

• Experience integrating endpoint tools with SIEM and SOAR platforms (e.g., Splunk, Azure Sentinel, IBM QRadar).

• Solid understanding of endpoint hardening, device control, application whitelisting, and USB/media protection policies.

• Knowledge of vulnerability management, CVE analysis.

• Familiarity with cybersecurity frameworks and standards: MITRE ATT&CK, Cyber Kill Chain, NIST, ISO 27001.

• Hands-on participation in incident response, forensics, and malware containment efforts.

• CompTIA Security+ certification (mandatory); additional certifications such as CEH, CISSP, GCIA, GCIH, Microsoft SC-200, or CrowdStrike Certified Falcon Administrator are a strong plus.

• Strong communication and documentation skills with the ability to present technical insights to non-technical stakeholders and leadership teams.

• Ability to lead security assessments, coordinate with vendors, and provide strategic security recommendations.

Benefits

• Health insurance with one of the leading global providers for medical insurance.

• Career progression and growth through challenging projects and work.

• Employee engagement and wellness campaigns activities throughout the year.

• Excellent learning and development opportunities.

• Inclusive and diverse working environment.

• Flexible/Hybrid working environment.

• Annual flight tickets to home country.

• Open door policy.

About Us

Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses and governments across the Middle East with strategic consultancy combined with tailored information security services and solutions that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in Feb 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.