System Administrator - Endpoint Security Solutions (ESS) Operator

Job Locations US-AL-Montgomery
Job ID
2024-4924
# of Openings
1
Clearance Requirement
S
Education Requirement
High School Diploma/GED
Certifications
CompTIA Security+ CE and OS certs: Microsoft Certified: Identity and Access Administrator Associate, Microsoft Certified: Azure Administrator Associate, or Microsoft Certified: Azure Database Administrator Associate; and complete ESS 201, 301, 501 courses for access.
Experience Level
Mid-level
8570 Compliant
IAT 2

Overview

SMS is seeking a dynamic, motivated individual to serve as a Junior or Mid-Level Endpoint Security Solutions (ESS) Operator I or II (depending on experience) in support of the 26 NOS, US Air Force at Maxwell AFB, Gunter Annex. The ideal candidate will have experience in information system administration with strong cybersecurity knowledge. The ESS Administrator will provide Information Assurance and integration support on the ESS tool suite, including system analysis, troubleshooting and integration support. If you are seeking a challenging place to work, please review the list of responsibilities and qualifications. If you don’t meet all the qualifications, you may still be considered depending on your level of experience.

 

SMS is a fast-growing, veteran-owned business that has supported the Federal Government's IT initiatives for over four decades. We work side-by-side with our federal clients as a trusted, long-term partner to offer innovative advice and leadership to solve their most pressing and complex problems. We orchestrate people, strategies, technologies, and best-of-breed business processes. The SMS advantage in management and technology consulting includes deep domain expertise in complex networking design and unifying communities of interest.

Responsibilities

Duties & Responsibilities:

  • Ability to operate the host-based security and compliance baseline configuration, inventory, and best practices for the endpoint security solution (ESS) deployed across multiple unclassified and classified network locations supporting the implementation for McAfee/Trellix products.
  • ESS team manages a suite of products such as: Trellix Agent, ePolicy Orchestrator (ePO), Endpoint Security (ENS) which includes Threat Prevention and Firewall, Data Loss Prevention (DLP), Policy Auditor (PA), and Rogue System Detection (RSD)
  • Responsible for monitoring, maintaining, and analyzing data generated by the McAfee/Trellix ePO console (automated server tasks, trend analysis) and troubleshooting product issues, outages on systems, or errors/latency traced to ESS suite across live enclaves.
  • Responsible for ESS deployment, implementation, administration, and analysis; must register for and attend appropriate trainings (e.g. ESS 201 Administrator and 301 Advanced Administrator courses) to achieve a certificate, maintain it, and present it when inspected to ensure STIG compliance.
  • Coordinate ESS system activities such as deploying, configuring, monitoring, tuning, upgrading, troubleshooting, and optimizing suite components spanning local, remote, and complex environments refining system rules and alerts.
  • Work in concert with ESS team members, admins, users, operators, integrators, and information assurance personnel configuring assets, endpoint security operations and maintaining the ESS program within multiple enclaves.
  • Provide network admins and security personnel with mechanisms to prevent, detect, track, report, and remediate malicious computer-related activities and incidents across DoD networks and information systems adhering to ESS working groups and community of practices.
  • Assist in meeting strategic requirements while conforming to rigid standards to aid in reducing gaps in cyber security risk exposure; record configurations, conduct assessments, specify proper types of file organization, indexing methods, and security procedures, and submit suggestions to ESS schedule(s), agents, scan zones, and endpoint repository management.
  • Ability to install and patch operating systems (OS), SQL, McAfee/Trellix suite applications.
  • Be familiar with Department Information Systems Agency (DISA) Security Technical Implementation Guidelines (STIGs) / Security Requirements Guide (SRG), applicable to each non-classified or Secret Internet Protocol (IP) Router Network (NIPRNet, SIPRNet) environment for all ESS implementations.
  • Responsible for supporting and ensuring external deliverables: Continuous Monitoring and Risk Scoring (CMRS), DoD Patch Repository Defense Asset Distribution System (DADS), build/maintain vulnerability, hardware/software asset lists, and/or audit repositories.
  • Assist in leveraging asset management solutions and enterprise network application tools such as Forescout, SolarWinds Orion, Assured Compliance Assessment Solution (ACAS) including .SC (Security Center™) and Nessus® scanners and/or Microsoft Endpoint Configuration Manager (MECM)
  • Continuously assess current ESS implementations for scans, assets, analysis, and permissions.
  • Assist with validation and sustainment of documentation such as Security Plans, Plan of Actions and Milestones (POAMs), Role Based Access Controls (RBAC), service accounts, certificates, licenses, and physical/virtual location of each component.
  • Responsible for assisting with and troubleshooting scheduled scans so that they cover 100% of intended targets, ensuring timely and accurate scanning and reporting per PMO, IA and DoD policies and orders.
  • Maintain ePO system tree per documentation; administer policy catalog management.
  • Maintain effective communications with other external and internal teams essential to ESS operations.
  • Create/maintain/implement custom security policies in line with DISA ESS best practice guidance.
  • Position is subject to up to 10% travel. May be required to be called in after hours for maintenance windows and/or break fix actions.
  • Rack and provision government furnished equipment (GFE) servers when applicable.

Qualifications

Qualifications/Requirements:

  • Candidate should have 7+ years of hands-on experience in:
    • ESS and/or McAfee/Trellix or equivalent endpoint security solution products
    • ePO Application console management
    • Windows operating systems admin support experience in mid-to-large enterprise data center environment; familiarity with network patch/update management
  • Exposure interacting with virtualized environments (VMware vSphere, ESXi)
  • Demonstrate advanced diagnostics, analytical, critical thinking and troubleshooting skills.
  • Passion for continuous learning in IT data protection and technical/infrastructure technologies
  • Ability to manage, evaluate and prioritize workload to accommodate and align with business objectives, security concerns, and costs.
  • Any relevant scripting experience: Ansible, Bash, Perl, PowerShell, Python
  • Any experience within DoD environment or enterprise network data center desired.
  • Knowledge of data communications, local-area networking (LAN), wide-area networking (WAN)
  • Experience with adaptive multi-factor authentication: Apps, VPNs, Workstations, Mac and Windows Endpoints, Virtual Desktops and RADIUS servers is a plus.
  • Ability to lift, rack and provision government furnished equipment (GFE) servers.


Education/Certification(s):

  • Requires DoD 8570.01-M IAT Level II certification: CompTIA Security+ CE (Continuing Education)
  • Requires Computing Environment (CE) certifications - Obtain and maintain one of the following OS certs: 
    • Microsoft Certified: Identity and Access Administrator Associate
    • Microsoft Certified: Azure Administrator Associate, or
    • Microsoft Certified: Azure Database Administrator Associate
  • Once onboarded: complete ESS 201, 301, 501 courses for access.


Clearance: 

  • Active DoD Secret required or ability to complete investigation process for interim with potential to upgrade to Top Secret clearance preferred.

 

SMS is an Equal Opportunity Employer. 
