About the Role
The Sr Security Engineer – Endpoint & Identity Threat Protection (EDR / ITP) is responsible for engineering, deploying, and optimizing advanced detection and response technologies that safeguard Mattel's global enterprise. This senior technical role focuses on proactive endpoint detection, response automation, and identity threat protection, helping to strengthen the organization's cyber defense posture. The position requires deep technical expertise across endpoint and identity protection technologies, strong collaboration skills, and a commitment to continuous improvement through automation, analytics, and security modernization initiatives.
Roles and Responsibilities
Engineer, deploy, and maintain enterprise Endpoint Detection and Response (EDR) and Identity Threat Protection (ITP) platforms across Mattel's environments.
Develop, tune, and optimize behavioral analytics and detection logic to identify, prevent, and respond to malicious activity targeting endpoints and identities.
Collaborate with Security Operations and Incident Response teams to investigate, contain, and remediate security incidents effectively and efficiently.
Integrate EDR and ITP technologies with SIEM, SOAR, and threat intelligence platforms to improve visibility, automation, and response capabilities.
Contribute to the architecture, implementation, and continuous enhancement of endpoint and identity threat protection strategies in alignment with Mattel's cybersecurity goals.
Partner with IT, Infrastructure, and Security Architecture teams to support secure configuration management, policy enforcement, and system hardening across all endpoints.
Ensure endpoint and identity protection controls align with corporate security policies, compliance mandates, and global regulatory standards.
Perform advanced telemetry analysis, detection validation, and post-incident investigations to improve detection fidelity and reduce false positives.
Collaborate with Engineering, Cloud, and Infrastructure teams to ensure endpoint tools operate effectively across hybrid and cloud environments.
Develop and maintain documentation, operational standards, and playbooks for endpoint and identity threat protection workflows.
Participate in post-incident reviews to identify gaps, lessons learned, and opportunities to enhance security processes.
Evaluate emerging endpoint and identity threat protection technologies and contribute to technical proof-of-concept initiatives to support security modernization.