System Administrator - Endpoint Security Solutions (ESS) Operator

SMS is seeking a dynamic, motivated individual to serve as a Junior or Mid-Level Endpoint Security Solutions (ESS) Operator I or II (depends upon experience) in support of the 26 NOS, US Air Force at Maxwell AFB, Gunter Annex.  The ideal candidate with have experience in information system administration with a strong cybersecurity knowledge. The ESS Administrator will provide Information Assurance and integration support on the ESS  tool suite. Provide system analysis, troubleshooting and integration support.  If you are seeking a challenging place to work, please review the list of responsibilities and qualifications. If you don’t meet all the qualifications, a candidate may still be considered depending on your level of experience.

SMS is a fast growing, veteran-owned business that's has supported Federal Government's IT initiatives for over four decades.  We work side-by-side with our federal clients as a trusted, long-term partner to offer innovative advice and leadership to solve their most pressing and complex problems. We orchestrate people, strategies, technologies, and best-of-breed business processes. The SMS advantage in management and technology consulting includes deep domain expertise in complex networking design and unifying communities of interest.

Duties & Responsibilities:

• Ability to operate the host-based security and compliance baseline configuration, inventory, and best practices for the endpoint security solution (ESS) deployed across multiple unclassified and classified network locations supporting the implementation for McAfee/Trellix products.
• ESS team manages a suite of products such as: Trellix Agent, ePolicy Orchestrator (ePO), Endpoint Security (ENS) which includes Threat Prevention and Firewall, Data Loss Prevention (DLP), Policy Auditor (PA), and Rogue System Detection (RSD)
• Responsible for monitoring, maintaining, and analyzing data generated by the McAfee/Trellix ePO console (automated server tasks, trend analysis) and troubleshooting product issues, outages on systems, or errors/latency traced to ESS suite across live enclaves.
• Responsible for the ESS deployment, implementation, administration, and analysis must comply with registering and attending appropriate trainings (e.g. ESS 201 Administrator and 301 Advanced Administrator courses) to achieve a certificate, maintain it and present it when inspected to ensure STIG compliance
• Coordinate ESS system activities such as deploying, configuring, monitoring, tuning, upgrading, troubleshooting, and optimizing suite components spanning local, remote, and complex environments refining system rules and alerts.
• Work in concert with ESS team members, admins, users, operators, integrators, and information assurance personnel configuring assets, endpoint security operations and maintaining the ESS program within multiple enclaves.
• Provide network admins and security personnel with mechanisms to prevent, detect, track, report, and remediate malicious computer-related activities and incidents across DoD networks and information systems adhering to ESS working groups and community of practices.
• Assist in meeting strategic requirements while conforming to rigid standards to aide in reducing gaps in cyber security risk exposure; Record configurations, conduct assessments, specify proper types of files organization, indexing methods, security procedures and submit suggestions to ESS schedule(s), agents, scan zones, and endpoint repository management.
• Ability to install and patch operating systems (OS), SQL, McAfee/Trellix suite applications.
• Be familiar with Department Information Systems Agency (DISA) Security Technical Implementation Guidelines (STIGs) / Security Requirements Guide (SRG), applicable to each non-classified or Secret Internet Protocol (IP) Router Network (NIPRNet, SIPRNet) environment for all ESS implementations.
• Responsible for supporting and ensuring external deliverables: Continuous Monitoring and Risk Scoring (CMRS), DoD Patch Repository Defense Asset Distribution System (DADS), build/maintain vulnerability, hardware/software asset lists, and/or audit repositories.
• Assist in leveraging asset management solutions and enterprise network application tools such as Forescout, SolarWinds Orion, Assured Compliance Assessment Solution (ACAS) including .SC (Security Center™) and Nessus® scanners and/or Microsoft Endpoint Configuration Manager (MECM)
• Continuously assesses current ESS implementations for scans, assets, analysis, and permissions.
• Assist with validation and sustainment of documentation such as Security Plans, Plan of Actions and Milestones (POAMs), Role Based Access Controls (RBAC), service accounts, certificates, licenses, and physical/virtual location of each component.
• Responsible to assist/troubleshoot schedule scans are covering 100% of intended targets ensuring timely and accurate scanning and reporting per PMO, IA and DoD policies and orders.
• Maintain ePO system tree per documentation; administer policy catalog management.
• Maintain effective communications with other external and internal teams essential to ESS operations.
• Create/maintain/implement custom security policies in line with DISA ESS best practice guidance.
• Position is subject to up to 10% travel. May be required to be called in after hours for maintenance windows and/or break fix actions.
• Rack and provision government furnished equipment (GFE) servers when applicable.

Qualifications/Requirements:

• Candidate should have 7+ years of years of hands-on experience in:
  • ESS and/or McAfee/Trellix or equivalent endpoint security solution products
  • ePO Application console management
  • Windows operating systems admin support experience in mid-to-large enterprise data center environment; familiarity with network patch/update management
• Exposure interacting with virtualized environments (VMware vSphere, ESXi)
• Demonstrate advanced diagnostics, analytical, critical thinking and troubleshooting skills.
• Passion for continuous learning in IT data protection and technical/infrastructure technologies
• Ability to manage, evaluate and prioritize workload to accommodate and align with business objectives, security concerns, and costs.
• Any relevant scripting experience: Ansible, Bash, Perl, PowerShell, Python
• Any experience within DoD environment or enterprise network data center desired.
• Knowledge of data communications, local-area networking (LAN), wide-area networking (WAN)
• Experience with adaptive multi-factor authentication: Apps, VPNs, Workstations, Mac and Windows Endpoints, Virtual Desktops and RADIUS servers is a plus.
• Ability to lift, rack and provision government furnished equipment (GFE) servers.

Education/Certification(s):

• Requires DoD 8570.01-M IAT Level II certification: CompTIA Security+ CE (Continuing Education)
• Requires Computing Environment (CE) certifications - Obtain and maintain one of the following OS certs: 
  • Microsoft Certified: Identity and Access Administrator Associate
  • Microsoft Certified: Azure Administrator Associate, or
  • Microsoft Certified: Azure Database Administrator Associate

Clearance: 

• Active DoD Secret required or ability to complete investigation process for interim with potential to upgrade to Top Secret clearance preferred.

SMS is an Equal Opportunity Employer.