Everforth ECS is seeking a Product Manager SME to work in the National Capital Region covering the Pentagon, Falls Church, and Fairfax. Please Note: This position is contingent upon contract award.

The War Data Platform (WDP) is a key initiative within the U.S. Department of War's (DoW) AI-First strategy introduced in early 2026. The WDP focuses on operational warfighting data and aims to accelerate the deployment of artificial intelligence (AI) on the battlefield. The WDP extends to Unclassified, Secret, and Top Secret environments, and supports collaboration between Combatant Commands, Joint Staff directorates, Senior Executive Service leaders, and operational analysts.
• The Endpoint Security Solutions Lead SME is a senior subject matter expert responsible for leading enterprise endpoint protection, detection, and response operations across WDP-supported DoW mission systems in unclassified and classified environments. Drawing on ECS's proven track record in large-scale endpoint security operations-including the transition of more than 750,000 Army endpoints onto the Army Endpoint Security Solution (AESS) 2.0 with zero operational gaps -this role is expected to deliver the same standard of rigor, discipline, and mission assurance to the WDP Core Integration enterprise.
• Leads enterprise endpoint security operations supporting Department of War mission systems across unclassified and classified environments.
• Operates and sustains endpoint protection platforms including Host-Based Security System, antivirus services, endpoint detection and response tooling, and compliance monitoring agents deployed across workstation and server fleets.
• Configures and tunes endpoint security policies to enforce DoW cybersecurity baselines while maintaining operational availability for Combatant Command and Defense Agency missions.
• Investigates endpoint alerts related to malware activity, suspicious behavior, and policy violations using centralized consoles, SIEM integrations, and forensic utilities.
• Coordinates containment, eradication, and recovery actions with system administrators, network defenders, and incident response teams in accordance with approved response procedures.
• Deploys endpoint security updates, agent upgrades, and signature releases while validating successful propagation and system health.
• Monitors endpoint compliance posture against configuration baselines, patch requirements, and IAVA directives, documenting results within continuous monitoring repositories.
• Produces endpoint security status reports, incident summaries, and compliance dashboards for cybersecurity leadership and Authorizing Officials using ServiceNow, SharePoint, and reporting platforms.
• Supports audits, inspections, and authorization activities through defensible evidence collection and traceability.
• Delivers measurable improvements in threat detection coverage, response timeliness, endpoint hygiene, and mission resilience while reinforcing program values of operational readiness, cyber discipline, accountability, and information protection.
• Performs other duties as assigned.
• Current Secret security clearance.
• 12 or more years of progressively responsible experience in endpoint security, cybersecurity operations, or a closely related field, with demonstrated expert-level proficiency managing large-scale endpoint protection programs across enterprise or multi-enclave DoW environments .
• DoW 8140/8570 IAM Level I baseline certification, satisfied by one of the following active credentials: CompTIA Security+ CE, ISC² CAP, ISC² SSCP, or GIAC GSLC.
• Hands-on experience operating and administering endpoint protection platforms such as Host-Based Security System (HBSS), Endpoint Detection and Response (EDR) tooling, and compliance monitoring agents across NIPRNet, SIPRNet, and JWICS environments, including policy configuration, agent lifecycle management, and compliance posture tracking .
• Demonstrated experience supporting continuous monitoring, POA&M management, SIEM integration, and cybersecurity authorization activities using platforms such as eMASS, ServiceNow, Splunk, or equivalent tools in a DoW or federal government environment .
• Strong problem-solving and decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate solution.
• Highly developed interpersonal and oral/written communication skills, with the ability to effectively and professionally interact with a diverse set of stakeholders (from peers to end-users to executive management).