The Engineer will provide advanced technical support for enterprise network and endpoint environments. The primary objective is to implement new solutions and leverage existing tools within the architecture to support logging, auditing of security controls, upgrades, and feature enhancements. The Engineer will also assist in administering information security functions for Windows and macOS baselines, including updates, policy administration, and validation for special access to segmented environments (both cloud and non-cloud). This role encompasses a blend of network infrastructure support and advanced endpoint engineering (not standard help desk functions).

• Network Infrastructure Support:Configure, maintain, and troubleshoot routers, switches, firewalls, Virtual Private Networks (VPNs), Domain Name Systems (DNS), Dynamic Host Configuration Protocols (DHCP), Virtual Local Area Networks (VLANs), and related network technologies.
• Network Security & Compliance:Actively support network security initiatives, including vulnerability remediation, network segmentation, access controls, and incident response activities. Apply working knowledge of NIST cybersecurity frameworks (including NIST SP 800-53) and Zero Trust principles.
• Endpoint Imaging and Automation Engineering:Build and maintain Windows and macOS workstation images. Manage image automation, validation, rollback, and version control processes. Integrate images with Virtual Desktop Infrastructure (VDI), Endpoint Detection and Response (EDR), authentication, and logging agents.
• Patch and Configuration Management:Utilize tools such as Ivanti and/or KACE for OS and application patching. Manage configuration drift, execute remediation workflows, and provide comprehensive reporting. Validate patches post-deployment and support necessary rollback procedures.
• Device Enrollment and Identity Engineering:Leverage Microsoft Intune and Windows Autopilot for provisioning and compliance enforcement. Utilize JAMF Pro for comprehensive macOS endpoint management. Implement and manage advanced authentication methods, including passwordless authentication and hardware-backed credentials (e.g., YubiKey, CAC, software keys).
• Logging, Monitoring, and Telemetry:Configure robust endpoint logging (e.g., Windows Event Logs, macOS Unified Logs). Forward and validate logs into SIEM/EDR platforms (such as MS Sentinel) to support forensic collection, audit readiness, and continuous monitoring.
• Documentation:Develop and maintain detailed network documentation, diagrams, standard operating procedures (SOPs), and configuration baselines.
• Security Administration:Assist in administering all information security functions for Windows and macOS baselines, working under formal change control, audit, and security governance processes.

• Clearance & Background:Must possess an active Top Secret security clearance.
• Education: A Bachelors degree in Information Technology, Cybersecurity, or a related field (or equivalent experience) is preferred.

Experience:

• A minimum of eight (8) years of overall experience in Information Technology, Endpoint Engineering, or Cybersecurity.
• A minimum of six (6) years of dedicated experience performing advanced engineering (not help desk) functions in complex enterprise environments.
• Demonstrated experience working under formal change control, audit, and security governance processes.

Required Technical Skills:

• Strong background in configuring and troubleshooting routers, switches, firewalls, VPNs, DNS, DHCP, and VLANs.
• Hands-on experience using Ivanti and/or KACE for OS and application patching.
• Experience with Microsoft Intune, Windows Autopilot, and JAMF Pro.
• Working knowledge of NIST SP 800-53 and Zero Trust principles.

Physical Demands: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• While performing the duties of this job, the employee may be regularly required to stand, sit, talk, hear, reach, stoop, kneel, and use hands and fingers to operate a computer, telephone, keyboard, and standard office equipment
• Specific vision abilities required by this job include close vision requirements due to computer workThe employee must occasionally lift and/or move up to 15 pounds
• Fine hand manipulation (keyboarding)

Work Environment: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Exposure to general office conditions while conducting office duties
• Moderate noise (i.e., business office with computers, phone, and printers, light traffic)
• Ability to work in a confined area
• Ability to sit at a computer terminal for an extended period