The Role
We are looking for a security engineer with strong expertise in Microsoft Application Control for Business (WDAC/AppLocker) to design, implement, and manage application control policies for enterprise endpoints.
Your responsibilities:
Design and deploy Windows Defender Application Control (WDAC) policies
Implement AppLocker / application whitelisting strategies
Create and manage code integrity policies to allow trusted applications only
Monitor, audit, and troubleshoot application control policies
Integrate WDAC policies with Microsoft Intune / Group Policy
Optimize policies to balance security and user productivity
Create SOPs, runbooks, and documentation Ivanti Environment Manager (EM)
Configure and manage user personalization & profile optimization
Design policy-based environment controls
Improve logon performance and user experience
Troubleshoot profile and policy application issues Ivanti Device & Application Control (IDAC)
Implement application control (whitelisting/blacklisting)
Enforce device control policies (USB, peripherals)
Ensure endpoint security & compliance
Handle incident analysis and audit reporting Ivanti Management Console
Manage centralized policy deployment and endpoint configurations
Perform agent deployment, upgrades, and package distribution
Monitor endpoint health, compliance, and policy status
Troubleshoot deployment and connectivity issues
Essential skills/knowledge/experience:
Hands-on experience with:
o WDAC (Windows Defender Application Control)
o AppLocker policies
Strong understanding of:
o Application whitelisting & code signing
o Policy enforcement modes (Audit vs Enforced)
o Windows security architecture
Experience with:
o Policy deployment via Intune or GPO
o Troubleshooting application blocking issues
Basic knowledge of Microsoft Defender for Endpoint
Desirable skills/knowledge/experience:
Experience in enterprise endpoint security
PowerShell scripting for policy management
Microsoft security certifications (MD-102 / SC-200)
Ivanti certifications
Experience with SCCM / Intune
ITIL process awareness