Infrastructure Engineer - Security Architecture New York, NY Posted today
Bloomberg L.P., New York, NY, United States
Infrastructure Engineer - Security Architecture
Location
New York
Business Area
Engineering and CTO
Ref #
10050604
Description & Requirements
Our Team:
The Global Corporate Technology Group is responsible for designing, deploying, and supporting Bloomberg’s enterprise technology systems used by employees across our global environment. Within that organization, the Security Architecture team engineers and operates endpoint security services used across the corporate environment.
Our team owns the design, build, deployment, integration, and support of endpoint security technologies across Windows and macOS. Linux support is expected to grow over time. We support Enterprise Endpoint Detection and Response (EDR) and Antivirus (AV) products including Carbon Black and CrowdStrike, Endpoint Privilege Management (EPM), and the integrations needed to connect these services with internal identity, logging, and software deployment systems.
We are responsible for agent deployment, approved control rollout, version upgrades, automation, staged release, rollback planning, health monitoring, and production support. Endpoint stability and performance are a priority for the team. We work closely with internal Corporate Technology teams including Endpoint User Compute, Chief Technology Office (CTO), RISK, Technology Vulnerability Management (TVM), and the Computer Incident Response Team (CIRT) and Security Operations Center (SOC), but our focus is engineering, integration, and service ownership.
Infrastructure Engineer
The Role
As an Infrastructure Engineer, you will build, automate, deploy, and operate endpoint security services at scale. This is an engineering role focused on automation, integrations, and production ownership, not a click‑ops administration role. You will take business and security requirements and turn them into technical designs, rollout plans, implementation tasks, test plans, runbooks, and support procedures, then execute those plans in production.
The work is centered on endpoint technologies. That includes automating configuration changes through vendor Application Programming Interfaces (APIs), staging rollouts through identity and device targeting, collecting agent and console logs into internal systems, and managing upgrades with clear validation and rollback. Endpoint performance, user impact, and service health must be considered in every change.
This role requires strong infrastructure engineering fundamentals, experience operating at enterprise scale, and the ability to apply a modern Software Development Life Cycle (SDLC) to endpoint security services.
We’ll trust you to
Take business and security requirements and turn them into technical designs, rollout plans, implementation tasks, test plans, runbooks, and support models, then execute those plans in production
Design, implement, and operate endpoint security services across Carbon Black, CrowdStrike, CyberArk Endpoint Privilege Management (EPM), Sysmon, and related internal integrations
Build and maintain automation using Python, PowerShell, Bash, Ansible, Terraform, and vendor or internal Application Programming Interface (API) integrations to provision, configure, validate, upgrade, and troubleshoot endpoint agents at scale
Build and manage Git based workflows and Continuous Integration and Continuous Delivery (CI/CD) pipelines for endpoint service configuration and automation, including Pull Request (PR) review, automated validation, staged promotion, rollback, and controlled release practices
Plan and execute agent deployments, upgrades, and approved control rollout with clear validation around endpoint performance, user impact, service health, and rollback safety
Build observability for the services you own, including health checks, dashboards, alerting, telemetry validation, and operational reporting, with an understanding of Service Level Objectives (SLOs) and Service Level Indicators (SLIs)
Troubleshoot and restore service issues involving authentication, networking, proxies, certificates, endpoint agents, logging pipelines, and Software as a Service (SaaS) to on premise integrations, while partnering with internal teams and vendors to drive long term fixes
You’ll need to have
4+ years of experience engineering and operating enterprise infrastructure or endpoint security services in production at scale across Software as a Service (SaaS) and on premise environments
Experience in Python or another object‑oriented language, plus PowerShell or Bash for operational automation
Experience building tools and integrations using Representational State Transfer (REST) APIs and working with enterprise infrastructure services and vendor technologies
Experience with Infrastructure as Code (IaC) and orchestration frameworks such as Terraform, Ansible, or similar tools
Strong familiarity with Git workflows, Pull Request (PR) review, automated testing, and Continuous Integration and Continuous Delivery (CI/CD) pipelines
Strong troubleshooting skills across authentication and authorization flows, enterprise networking, proxy constrained environments, certificates, endpoint agents, and distributed dependencies
Experience building and operating observability for enterprise services, including health metrics, dashboards, alerting, telemetry checks, and operational measurements tied to SLOs and SLIs
The ability to take ownership of issues end to end, create clear technical documentation from requirements, and drive work through implementation, validation, and support
We’d love to see
Experience with one or more of the following technologies: Carbon Black, CrowdStrike, CyberArk Endpoint Privilege Management (EPM), Microsoft Entra, or Sysmon
Experience managing endpoint agent lifecycle activities at scale, including deployment, approved control rollout, health validation, upgrades, rollback, and performance monitoring
Experience integrating SaaS endpoint services with internal identity, logging, or software deployment systems
Experience building drift detection, closed loop validation, or self‑healing automation for endpoint services
Strong written and verbal communication skills and the ability to work independently in a production engineering environment
Salary Range = 130000 - 225000 USD Annually + Benefits + Bonus
The referenced salary range is based on the Company's good faith belief at the time of posting. Actual compensation may vary based on factors such as geographic location, work experience, market conditions, education/training and skill level.
We offer one of the most comprehensive and generous benefits plans available and offer a range of total rewards that may include merit increases, incentive compensation (exempt roles only), paid holidays, paid time off, medical, dental, vision, short and long term disability benefits, 401(k) +match, life insurance, and various wellness programs, among others. The Company does not provide benefits directly to contingent workers/contractors and interns.
Bloomberg is an equal opportunity employer and we value diversity at our company. We do not discriminate on the basis of age, ancestry, color, gender identity or expression, genetic predisposition or carrier status, marital status, national or ethnic origin, race, religion or belief, sex, sexual orientation, sexual and other reproductive health decisions, parental or caring status, physical or mental disability, pregnancy or parental leave, protected veteran status, status as a victim of domestic violence, or any other classification protected by applicable law.
Bloomberg is a disability inclusive employer. Please let us know if you require any reasonable adjustments to be made for the recruitment process. If you would prefer to discuss this confidentially, please email amer_recruit@bloomberg.net
#J-18808-Ljbffr
Location
New York
Business Area
Engineering and CTO
Ref #
10050604
Description & Requirements
Our Team:
The Global Corporate Technology Group is responsible for designing, deploying, and supporting Bloomberg’s enterprise technology systems used by employees across our global environment. Within that organization, the Security Architecture team engineers and operates endpoint security services used across the corporate environment.
Our team owns the design, build, deployment, integration, and support of endpoint security technologies across Windows and macOS. Linux support is expected to grow over time. We support Enterprise Endpoint Detection and Response (EDR) and Antivirus (AV) products including Carbon Black and CrowdStrike, Endpoint Privilege Management (EPM), and the integrations needed to connect these services with internal identity, logging, and software deployment systems.
We are responsible for agent deployment, approved control rollout, version upgrades, automation, staged release, rollback planning, health monitoring, and production support. Endpoint stability and performance are a priority for the team. We work closely with internal Corporate Technology teams including Endpoint User Compute, Chief Technology Office (CTO), RISK, Technology Vulnerability Management (TVM), and the Computer Incident Response Team (CIRT) and Security Operations Center (SOC), but our focus is engineering, integration, and service ownership.
Infrastructure Engineer
The Role
As an Infrastructure Engineer, you will build, automate, deploy, and operate endpoint security services at scale. This is an engineering role focused on automation, integrations, and production ownership, not a click‑ops administration role. You will take business and security requirements and turn them into technical designs, rollout plans, implementation tasks, test plans, runbooks, and support procedures, then execute those plans in production.
The work is centered on endpoint technologies. That includes automating configuration changes through vendor Application Programming Interfaces (APIs), staging rollouts through identity and device targeting, collecting agent and console logs into internal systems, and managing upgrades with clear validation and rollback. Endpoint performance, user impact, and service health must be considered in every change.
This role requires strong infrastructure engineering fundamentals, experience operating at enterprise scale, and the ability to apply a modern Software Development Life Cycle (SDLC) to endpoint security services.
We’ll trust you to
Take business and security requirements and turn them into technical designs, rollout plans, implementation tasks, test plans, runbooks, and support models, then execute those plans in production
Design, implement, and operate endpoint security services across Carbon Black, CrowdStrike, CyberArk Endpoint Privilege Management (EPM), Sysmon, and related internal integrations
Build and maintain automation using Python, PowerShell, Bash, Ansible, Terraform, and vendor or internal Application Programming Interface (API) integrations to provision, configure, validate, upgrade, and troubleshoot endpoint agents at scale
Build and manage Git based workflows and Continuous Integration and Continuous Delivery (CI/CD) pipelines for endpoint service configuration and automation, including Pull Request (PR) review, automated validation, staged promotion, rollback, and controlled release practices
Plan and execute agent deployments, upgrades, and approved control rollout with clear validation around endpoint performance, user impact, service health, and rollback safety
Build observability for the services you own, including health checks, dashboards, alerting, telemetry validation, and operational reporting, with an understanding of Service Level Objectives (SLOs) and Service Level Indicators (SLIs)
Troubleshoot and restore service issues involving authentication, networking, proxies, certificates, endpoint agents, logging pipelines, and Software as a Service (SaaS) to on premise integrations, while partnering with internal teams and vendors to drive long term fixes
You’ll need to have
4+ years of experience engineering and operating enterprise infrastructure or endpoint security services in production at scale across Software as a Service (SaaS) and on premise environments
Experience in Python or another object‑oriented language, plus PowerShell or Bash for operational automation
Experience building tools and integrations using Representational State Transfer (REST) APIs and working with enterprise infrastructure services and vendor technologies
Experience with Infrastructure as Code (IaC) and orchestration frameworks such as Terraform, Ansible, or similar tools
Strong familiarity with Git workflows, Pull Request (PR) review, automated testing, and Continuous Integration and Continuous Delivery (CI/CD) pipelines
Strong troubleshooting skills across authentication and authorization flows, enterprise networking, proxy constrained environments, certificates, endpoint agents, and distributed dependencies
Experience building and operating observability for enterprise services, including health metrics, dashboards, alerting, telemetry checks, and operational measurements tied to SLOs and SLIs
The ability to take ownership of issues end to end, create clear technical documentation from requirements, and drive work through implementation, validation, and support
We’d love to see
Experience with one or more of the following technologies: Carbon Black, CrowdStrike, CyberArk Endpoint Privilege Management (EPM), Microsoft Entra, or Sysmon
Experience managing endpoint agent lifecycle activities at scale, including deployment, approved control rollout, health validation, upgrades, rollback, and performance monitoring
Experience integrating SaaS endpoint services with internal identity, logging, or software deployment systems
Experience building drift detection, closed loop validation, or self‑healing automation for endpoint services
Strong written and verbal communication skills and the ability to work independently in a production engineering environment
Salary Range = 130000 - 225000 USD Annually + Benefits + Bonus
The referenced salary range is based on the Company's good faith belief at the time of posting. Actual compensation may vary based on factors such as geographic location, work experience, market conditions, education/training and skill level.
We offer one of the most comprehensive and generous benefits plans available and offer a range of total rewards that may include merit increases, incentive compensation (exempt roles only), paid holidays, paid time off, medical, dental, vision, short and long term disability benefits, 401(k) +match, life insurance, and various wellness programs, among others. The Company does not provide benefits directly to contingent workers/contractors and interns.
Bloomberg is an equal opportunity employer and we value diversity at our company. We do not discriminate on the basis of age, ancestry, color, gender identity or expression, genetic predisposition or carrier status, marital status, national or ethnic origin, race, religion or belief, sex, sexual orientation, sexual and other reproductive health decisions, parental or caring status, physical or mental disability, pregnancy or parental leave, protected veteran status, status as a victim of domestic violence, or any other classification protected by applicable law.
Bloomberg is a disability inclusive employer. Please let us know if you require any reasonable adjustments to be made for the recruitment process. If you would prefer to discuss this confidentially, please email amer_recruit@bloomberg.net
#J-18808-Ljbffr