Job description

Description: Diaconia is looking for a talented Windows and McAfee Senior Network Engineer/System Administrator to join our Amazing team! If you're looking to join a company that truly appreciates you and your talents, look no further! At Diaconia, we are committed to serving and caring for our colleagues, our clients and our community. Our team is made up of talented individuals who appreciate having the opportunity to contribute their knowledge and experience to further the growth and development of our industry. Our ideal candidates embrace diverse thinking, enjoy partnering with others and are seeking to make a difference! We are currently searching for a new, full-time member for our team for the position of: Windows and McAfee Senior Network Engineer/System Administrator Senior Network Engineer/System Administrator with extensive Active Directory, Windows Domain Controller, and Trellix/McAfee ePolicy Orchestrator (ePO) experience. Deep expertise in implementing, managing, and optimizing ePO, Policy Auditor, and other components of the DISA Endpoint Security Solutions suite of tools in DoD environments Key Tasks: • Design, engineer, update, and maintain ePolicy Orchestrator implementations across the enterprise. • Ensure compliance with DISA STIGs, DoD ICAM Reference Design, and DoDI 8520.03. • Design, build, and test configuration items such as task sequences, group policy objects, and system upgrades. • Research, analyze, and implement operational solutions across various technologies and operating systems using on-premises Group Policy, cloud-enabled policies, and Kiosk configurations for Windows, Linux, iOS, MacOS, ChromeOS, and Android endpoints. • Design, research, engineer, and deploy strategies for policy distribution in high-security cloud environments. • Provide Site Administrator support and Enterprise monitoring for Group Policy Objects, including initial troubleshooting and the addition of Security Groups to Group Policy Objects. • Expertise in DoD security directives, DISA STIGs, and DHA cybersecurity requirements Disclaimer "The responsibilities and duties outlined in this job description are intended to describe the general nature and level of work performed by employees within this role. However, they are not exhaustive and may be subject to change or modification at any time to meet the evolving needs of the organization. Requirements: Minimum Technical Skills and Experience Required • Active Directory (AD) & Domain Controller (DC) Administration • 5+ years managing Windows Server environments with Active Directory in large/complex networks. • Deep understanding of AD replication, Kerberos, LDAP, Group Policy, and FSMO roles. • Familiarity with performance tuning and troubleshooting on DCs. • Windows Server Administration • Expertise in Windows Server 2016/2019/2022 internals, registry, event logs, and system services. • Knowledge of Windows security baselines (CIS, DISA STIG). • Prior experience deploying enterprise tools on DCs (AV, endpoint protection, vulnerability scanning). • McAfee ePolicy Orchestrator (ePO) & Policy Auditor • Experience configuring, deploying, and managing agents/policies through ePO. • Understanding of Policy Auditor content packs, custom checks, and compliance reporting. • Security Compliance & Vulnerability Management • Ability to map technical checks to compliance frameworks (e.g., NIST 800-53, PCI-DSS, SOX). • Familiarity with vulnerability and patch management processes. • Performance & Monitoring Tools • Skilled with Windows PerfMon, Resource Monitor, and event tracing to baseline DC performance. • Ability to correlate PA scan impact with AD health (replication monitoring, dcdiag, repadmin). • Scripting & Automation • Proficiency in PowerShell to automate pre-deployment health checks, reporting, and rollbacks. • Experience integrating scan results into SIEM dashboards or compliance workflows. Education & Certifications • A BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science • Relevant continuing education in enterprise security or systems administration • Secret Clearance • Microsoft Certified: Cyber Security Architect Expert or Microsoft Certified: Azure Solutions Architect Expert OR Microsoft Certified: Azure Administrator Associate or Microsoft Certified: Windows Server Hybrid Administrator Associate • Highly Desired – Any of the following: • CompTIA Security+ CE • CISSP • CISA • GIAC Certified Windows Security Administrator (GCWN) or GIAC Security Essentials (GSEC) • Trellix Certified Product Specialist (ePO)

Requirements