Windows Security Engineer

A Career with Point72's Global Information Security Team

Our Global Information Security team's mission is to ensure the development, implementation, and management of a comprehensive program that effectively protects the confidentiality, integrity, and availability of Point72 information assets. Our team is comprised of security professionals with expertise in a diverse portfolio of security disciplines.

What you'll do

• Design and implement secure Windows Server and Active Directory architectures at scale
• Architect and maintain hybrid identity solutions integrating on-premise AD with EntraID (Azure AD) and Okta
• Configure and manage AD delegation models following least privilege principles
• Implement and maintain identity protection solutions (eg: Defender for Identity, CrowdStrike Identity Protection, Quest Active Roles, etc)
• Develop and enforce security standards for Windows Server deployments, including bare metal, VMware and public cloud (AWS, Azure, GCP)
• Collaborate with Endpoint Engineering teams to secure Windows endpoints using solutions including SCCM and InTune
• Configuration management for Windows Firewall and ASR rules across our endpoint estate
• Help to monitor and mature our Windows patching and vulnerability management program Windows
• Perform security assessments and audits of Windows infrastructure
• Monitor and respond to security incidents related to Windows infrastructure
• Collaborate with infrastructure and security teams on identity and access management initiatives

What's required

• Bachelor's degree in Computer Science, Information Security, or related field
• 7+ years of experience in Windows Server administration and security with deep expertise in Active Directory, Group Policy, AzureAD/EntraID, ADFS, DFS, SMB/CIFS, IIS, SQL Server, Kerberos, LDAP, NTLM, DNS, WMI, LAPS, Bitlocker and related Microsoft Server technologies
• Experience with all common versions of Windows Server (2012, 2016, 2019, 2022 & 2025) and Windows 10-11 desktop OS
• Strong general knowledge of core infrastructure (Networking, storage, virtualization/VMware, etc)
• Advanced knowledge of AD delegation models and associated best practices
• Experience with identity protection platforms (Defender for Identity, CrowdStrike Identity Protection, etc.)
• Proficiency navigating and triaging Windows event logs
• Familiarity with Centrify as means of integrating Linux with Active Directory
• Familiarity with Quest Active Directory security products (eg: Active Roles)
• Proficiency with PowerShell required

We take care of our people

We invest in our people, their careers, their health, and their well-being. When you work here, we provide:

• Fully-paid health care benefits
• Generous parental and family leave policies
• Volunteer opportunities
• Support for employee-led affinity groups representing women, people of color and the LGBT+ community
• Mental and physical wellness programs
• Tuition assistance
• A 401(k) savings program with an employer match and more

About Point72

Point72 Asset Management is a global firm led by Steven Cohen that invests in multiple asset classes and strategies worldwide. Resting on more than a quarter-century of investing experience, we seek to be the industry's premier asset manager through delivering superior risk-adjusted returns, adhering to the highest ethical standards, and offering the greatest opportunities to the industry's brightest talent. We're inventing the future of finance by revolutionizing how we develop our people and how we use data to shape our thinking. For more information, visit www.Point72.com/working-here.