Overview As a TAG Senior IT Administrator, you will lead the end-to-end technical strategy, security architecture, and operational oversight for Deployable Communications Kits (DCKs) used for secure, managed-attribution communications. In this role, you will own infrastructure design, standards, and compliance; guide procurement, imaging, isolation technologies, and lifecycle management; ensure help desk readiness and training delivery; and maintain audit-ready documentation aligned to USG requirements.
Security Requirement: - An active SECRET clearance
Roles and Responsibilities: - Design secure reference architectures for kit connectivity and managed attribution (MA), including network segmentation, VPN policy baselines, identity boundary controls, browser isolation, virtual containers, and app streaming.
- Define security baselines, hardening standards, and configuration templates (e.g., CIS Benchmarks, applicable NIST guidance such as SP 800-53/800-171, and media sanitization via 800-88) aligned to client requirements.
- Establish logging/telemetry, SIEM integration, and incident workflows for kit devices (e.g., endpoint detection & response, audit trails, secure update channels).
- Own end-to-end lifecycle governance (2-3 years): procurement standards, asset tagging/serialization, chain of custody, maintenance, patching cadence, and decommissioning/sanitization.
- Define SLAs, surge protocols (=2-hour response), escalation paths, and service reporting/dashboards.
- Coordinate with vendor partners and the client for requirements validation, risk acceptance, and change management.
- Select and standardize technologies for isolation (virtual containers, ephemeral browsers, app streaming), device management (e.g., Microsoft Intune/Endpoint Manager, Autopilot), and secure connectivity (VPN clients/routers, MFA/2FA).
- Oversee golden images, secure boot, firmware policies, certificate management, and update channels across laptops/tablets/routers/peripherals.
- Direct the training program for managed attribution usage, kit handling (Faraday bags, data blockers), and secure operating procedures; approve training content and job aids.
- Ensure help desk SOPs align with ITIL practices; maintain a tiered support model, runbooks, and knowledge base.
- Maintain documentation: SSPs, diagrams, SOPs, asset registers, inventory logs, incident records, and patch status for audits.
- Implement risk management processes, vulnerability management, and continuous improvement.
Position Requirements: - 7-10+ years' experience in infrastructure/IT operations; 3+ years leading secure endpoint or field-kit programs.
- Certifications (requested): CISSP, CISM & ISSM (or equivalent DoD 8570/8140 management-level certifications).
- Technical Depth: Secure device management (Windows 11, iOS/iPadOS, Android Enterprise), Microsoft Entra ID/Azure AD, Intune/Endpoint Manager, VPN technologies, MFA/2FA, EDR/SIEM, browser isolation/app streaming frameworks.
- Soft Skills: Program leadership, executive communication, vendor management, audit/documentation discipline.
Preferred - Experience supporting USG programs, managed attribution concepts, or deployable/expeditionary communications.
- Familiarity with STIGs/CIS controls, Zero Trust principles, and field logistics.