Job details

You are in: Home » Jobs » Freelance Security Engineer – (Endpoint Hardening / WDAC / Intune)

Job Details

Share this job

Freelance Security Engineer – (Endpoint Hardening / WDAC / Intune)

  • Contract
  • Anywhere

Core summary: End-to-end responsible for designing, implementing and rolling out workplace hardening and application control within a complex enterprise environment. You’ll lead the introduction of a default-deny model (WDAC/AppLocker), integrate it with Intune and Microsoft Defender, and ensure controlled, measurable, and secure adoption across the organization.
 
Goal
To structurally increase endpoint security by realizing a robust, centrally managed and organization-wide applied hardening and application control framework.
 
Key responsibilities

  • Design & implementation of workplace hardening
  • Establish an organization-wide hardening framework for Windows endpoints.
  • Translating security requirements into technical configurations and policies.
  • Default‑deny application control
  • Implementeren van Windows Defender Application Control (WDAC) en/of AppLocker.
  • Establish a trusted signing and trust model.
  • Developing exception processes and governance.
  • Integration with Microsoft Intune & Defender
  • Configure and distribute policies through Intune.
  • Integrate with Microsoft Defender for Endpoint for discovery, reporting, and monitoring.
  • Automate deployment and policy updates.
  • Phased rollout & tuning
  • Setting up a controlled roll-out strategy (pilot → phased adoption → entire organization).
  • Setting up monitoring, logging and feedback loops.
  • Continuous tuning of rules based on telemetry, incidents and user impact.
  • Collaboration & stakeholder management
  • Intensive collaboration with Workplace, SOC, IT operations, developers and external suppliers.
  • Advising on the security implications of applications, updates and new tooling.
  • Clear communication about risks, impact and progress.

Required knowledge and experience

  • Deep experience with WDAC, AppLocker, Intune, Microsoft Defender and Windows endpoint management.
  • Strong background in endpoint security, hardening, zero trust and default-deny models.
  • Experience with enterprise environments and large-scale rollouts.
  • Analytical ability to interpret telemetry, incidents, and logs.
  • Strong communication skills and able to clearly substantiate technical choices.

 
Result of the assignment
A fully deployed, stable and manageable application control and hardening framework that structurally strengthens endpoint security, minimizes attack vectors and seamlessly connects to existing SOC processes and tooling.
 
 

Apply for Freelance Security Engineer – (Endpoint Hardening / WDAC / Intune)

Upload your CV/resume or any other relevant file. Max. file size: 1 MB.
Maximum file size: 256 MB.
Please indicate that you have read and agree to our privacy policy