Endpoint Security Administrator

Company: Mount Indie

Location: Chantilly, VA 20152

Description:

We're expanding our cybersecurity team as part of a high-impact effort supporting the U.S. Air Force through Enterprise IT as a Service (EITaaS) Wave 1. This role focuses on hardening endpoint systems within a secure, classified environment, which is critical to protecting sensitive systems and information. If you're passionate about policy enforcement, endpoint hardening, and making a difference in national defense infrastructure, we want to hear from you.

What You'll Do:

In this role, you'll lead efforts to define, deploy, and manage endpoint security policies, ensuring compliance and protection across desktops, laptops, and other endpoint devices. You'll work with Active Directory, Group Policy Objects (GPOs), and Local Security Policies to implement best-in-class defense strategies, while collaborating with other security teams to keep our environment resilient.

Key Responsibilities:

Policy Management & Enforcement
  • Design and maintain GPOs to secure Windows-based endpoints
  • Develop and manage Local Security Policies for standalone or non-domain systems
  • Regularly review and update policies based on new threats, standards, or system changes
  • Troubleshoot GPO conflicts and application issues

Security & Compliance
  • Define security baselines for various endpoint types (e.g., workstations, servers, mobile)
  • Ensure compliance with internal security policies and external frameworks (NIST, ISO 27001, HIPAA, etc.)
  • Conduct audits and generate reports on endpoint security posture
  • Support rapid policy changes during security incidents

Testing & Validation
  • Test GPO and security policy updates in isolated environments
  • Validate changes for compatibility and performance impact
  • Document policy implementations, exceptions, and results

Collaboration & Support
  • Work closely with IT operations, infrastructure, and cybersecurity teams
  • Provide training and guidance on policy management to support staff
  • Contribute to cross-team security initiatives and projects

Continuous Improvement
  • Stay current on Windows security features and evolving threats
  • Recommend improvements to strengthen endpoint defense strategies
  • Assist in tuning policies to balance usability and security


Required:
  • 10+ years of experience in endpoint security, IT security, or a related cybersecurity role
  • Deep experience managing Active Directory and Group Policy
  • Strong understanding of Windows security and endpoint protection strategies
  • Experience with EDR and antivirus platforms
  • Knowledge of network protocols, malware behaviors, and patching tools
  • Familiarity with PowerShell scripting for policy automation and reporting
  • Clear understanding of compliance frameworks (NIST, PCI-DSS, HIPAA, ISO 27001)
  • Excellent troubleshooting and problem-solving abilities
  • Strong communication skills for working with both technical and non-technical teams
  • Active Secret Clearance
  • DoD 8140 compliance - CompTIA Security+ (or equivalent)


Preferred:
  • Experience with endpoint security in cloud environments (AWS, Azure)
  • Familiarity with SIEM tools like Splunk or LogRhythm
  • Knowledge of scripting in Python or Bash
  • Experience with vulnerability scanning and management tools
  • Certified Endpoint Protection Professional (CEPP)
  • Certified Ethical Hacker (CEH)
  • GIAC Endpoint Security (GESP)
  • Additional security or compliance certifications