Job description

Job Overview Job Description: Microsoft Endpoint Management and Security Engineer (Intune/SCCM) Remote; Washington, D.C. (Primarily telework with mandatory monthly in-person meetings). This position is for a Full Time Equivalent (FTE) staff to assist a Federal agency’s Information Technology (IT) Security division. The role will support the management, maintenance, and maturation of the agency's IT services and security operations. The contractor will work a standard eight-hour business schedule (40 hours per week) and the position is primarily telework eligible upon approval. In-person attendance is required at a monthly team meeting on the third Tuesday of each month and as-needed unscheduled meetings at the headquarters in Washington, D.C.. Responsibilities: • Endpoint Management: Deploy, configure, and manage Microsoft Defender for Endpoint agents. This includes identifying target endpoint machines, OS versions, and deployment methods. • Zero Trust Architecture (ZTA) Implementation: Support the maintenance and maturation of the agency’s ZTA operations. This involves deploying Defender for Endpoint agents to a minimum threshold of Microsoft-supported endpoint devices using Microsoft Intune or Active Directory (AD) Group Policy Objects (GPO). • Security Tool Administration: Operate, maintain, and upgrade a variety of security and management tools, including Microsoft Azure, Microsoft Defender, and Windows 10-11. • Security and Compliance: Ensure proper configuration of endpoints to align with best practices and support the Risk Management Framework (RMF) Assess and Authorize (A&A) process. This includes performing RMF security control tests, reporting results, and developing remediation plans. • Documentation and Reporting: Produce and update operational documents such as Standard Operating Procedures (SOPs), technical white papers, configuration change management plans, and patch/upgrade management plans. Maintain asset inventory for various technologies. • Continuity of Operations (COOP): Be available to support the agency’s COOP plan, which may require relocation to an alternate site for emergency or test scenarios. • Incident Response Support: Assist with incident handling and provide recommended best business practices for responding to events. The role is a supporting role only for forensic investigations. Required Skills and Qualifications: • Must have a Bachelor’s Degree • Preferred Certification - Microsoft 365 Certified: Endpoint Administrator Associate. • Other Certifications - Microsoft 365 Fundamentals (MS-900) and/or Azure Fundamentals (AZ-900) • Demonstrated expertise in Microsoft endpoint management technologies such as Microsoft Intune, SCCM, and Group Policy. • Proficiency in operating and maintaining Microsoft-related technologies, including Windows 10-11 and MS Server 2016-2025. • Experience with security and monitoring platforms such as Microsoft Defender and Sentinel. • Familiarity with federal policies and guidelines, including NIST Special Publications for security controls and risk management. • Ability to work in a supporting role for forensic investigations and incident response. • Must be able to obtain, at a minimum, a Public Trust Security Clearance. Job Types: Full-time, Contract Pay: $132,000.00 - $180,000.00 per year Schedule: • 8 hour shift Work Location: Hybrid remote in Washington, DC 20002

Requirements