Senior Endpoint Security Engineer

We are seeking a highly skilled and detail-oriented Senior Endpoint Security Engineer to join our Information Security team. This role will be primarily responsible for managing and enhancing the protection of our endpoint and perimeter defenses through platforms including SentinelOne EDR/XDR, Cloudflare WAF, and our enterprise SIEM solution.
You will work closely with IT Systems Engineering, Compliance, and Application Owners across the enterprise to ensure robust and adaptive security controls, policy enforcement, and real-time threat response in a regulated healthcare environment.

• Own and maintain the configuration and lifecycle management of SentinelOne EDR/XDR platform across all endpoints.
• Administer and tune policies in Cloudflare WAF to protect external-facing applications from OWASP Top 10 threats and targeted attacks.
• Manage and optimize SIEM platform integrations, log sources, parsing rules, alert logic, and storage.
• Design and implement custom detection rules, behavioral policies, and threat intelligence feeds for SentinelOne and SIEM.
• Monitor and triage real-time alerts from EDR/XDR, WAF, and SIEM.
• Coordinate with IT and application owners to validate findings, assess impact, and drive containment or mitigation activities.
• Conduct detailed investigations of valid security events and incidents using forensic and log analysis techniques.
• Draft and deliver post-incident reports, including timeline of events, root cause analysis, containment/remediation steps, and lessons learned.
• Work closely with IT Systems Engineering on endpoint hardening, policy enforcement (GPO/MDM), and software deployment strategy.
• Partner with GRC to support audit readiness and maintain alignment with HIPAA, HITRUST, and NIST CSF requirements.
• Support DevOps and business teams in secure application delivery and infrastructure security reviews.
• Proactively enhance detection logic and reduce false positives through continuous tuning.
• Develop automated workflows and playbooks to streamline response using SOAR or scripting where applicable.
• Assist in the development of security standards, SOPs, and hardening guides within the Endpoint Security area of ownership..

• You have 5+ years in detection engineering, cyber defense, or endpoint security engineering role or equivalent experience.
• You have deep hands-on experience with EDR/XDR tools (SentinelOne preferred), Cloudflare, and SIEM platforms
• You have strong knowledge of endpoint security architecture, WAF rulesets, log correlation, and threat detection methodologies.
• You have experience in incident response, digital forensics, and technical reporting.
• You are familiar with regulatory and compliance frameworks (HIPAA, HITRUST, NIST).
• You are proficient in scripting (e.g., Python, PowerShell) for automation (highly desirable).
• You have relevant certifications (e.g., GCED, GCIH, CEH, or vendor-specific).

Benefits Overview: 

• Financial Well-Being: Our commitment to attracting and retaining top talent begins with a competitive base salary and equity opportunities. Additionally, we offer a performance-based bonus program, 401k matching, and regular compensation reviews to recognize and reward exceptional contributions.
• Physical Well-Being: We prioritize the health and well-being of our employees and their families by providing comprehensive medical, dental, and vision coverage. Your health matters to us, and we invest in ensuring you have access to quality healthcare.
• Mental Well-Being: We understand the importance of mental health in fostering productivity and maintaining work-life balance. To support this, we offer initiatives such as No-Meeting Fridays, monthly company holidays, access to mental health resources, and a generous flexible time-off policy. Additionally, we embrace a remote-first culture that supports collaboration and flexibility, allowing our team members to thrive from any location. 
• Professional Development: Developing internal talent is a priority for Clover. We offer learning programs, mentorship, professional development funding, and regular performance feedback and reviews.

Additional Perks:

• Employee Stock Purchase Plan (ESPP) offering discounted equity opportunities
• Reimbursement for office setup expenses
• Monthly cell phone & internet stipend
• Remote-first culture, enabling collaboration with global teams
• Paid parental leave for all new parents
• And much more!

About Clover: We are reinventing health insurance by combining the power of data with human empathy to keep our members healthier. We believe the healthcare system is broken, so we've created custom software and analytics to empower our clinical staff to intervene and provide personalized care to the people who need it most.

We always put our members first, and our success as a team is measured by the quality of life of the people we serve. Those who work at Clover are passionate and mission-driven individuals with diverse areas of expertise, working together to solve the most complicated problem in the world: healthcare.

From Clover’s inception, Diversity & Inclusion have always been key to our success. We are an Equal Opportunity Employer and our employees are people with different strengths, experiences, perspectives, opinions, and backgrounds, who share a passion for improving people's lives. Diversity not only includes race and gender identity, but also age, disability status, veteran status, sexual orientation, religion and many other parts of one’s identity. All of our employee’s points of view are key to our success, and inclusion is everyone's responsibility.

#LI-Remote

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. We are an E-Verify company.

A reasonable estimate of the base salary range for this role is $130,000 to $165,000. Final pay is based on several factors including but not limited to internal equity, market data, and the applicant’s education, work experience, certifications, etc.