Chantilly, VA, US
3 days ago
Endpoint Security Administrator

Oneida Technical Solutions, LLC (OTS) has a rich history of providing IT support and associated services in highly complex, highly regulated, highly secure environments, including the U.S. Department of Defense (DoD), law enforcement, health care, retail, and the casino gaming industry. We have an exciting opportunity to support the Air Force Enterprise IT as a Service (EITaaS) Wave 1, specifically advancing the solution for bringing the EITaaS IT Service Management offerings to SIPR.

We are currently seeking an Endpoint Security Administrator for an onsite position in Chantilly, VA.

Seeking a proactive and skilled Endpoint Security Administrator to oversee the security of the organization's endpoint devices, including laptops, desktops, and other endpoints. The successful candidate will be responsible for defining, implementing, and managing endpoint security compliance across our organization using Active Directory Group Policy Objects (GPOs) and Local Security Policies, ensuring compliance with organizational security policies, and protecting against potential threats. This role will also involve coordinating with other security teams to implement best practices, respond to incidents, and continuously improve endpoint defense mechanisms.

Minimum of 10+ years of experience in endpoint security administration, IT security, or related cybersecurity roles.

- Proven experience with, and in-depth knowledge of, Active Directory and Group Policy management.
- Knowledge of security frameworks and compliance standards (e.g., NIST, ISO 27001, PCI-DSS, HIPAA).
- Strong knowledge of Windows security, Active Directory administration, and endpoint protection best practices.
- Experience with managing endpoint detection and response (EDR) solutions and anti-virus technologies.
- Understanding of network protocols, threat landscape, and malware behaviors.
- Experience with vulnerability management and patching tools.
- Proficiency in PowerShell scripting for automation and reporting.

Key Responsibilities:

Group Policy Management:
- Design, implement, and maintain Group Policy Objects (GPOs) to enforce security settings across the organization's Windows endpoints.
- Regularly review and update GPOs to align with evolving security requirements and best practices.
- Troubleshoot GPO application issues and conflicts.

Local Security Policy Configuration:
- Develop and maintain standardized Local Security Policy configurations for various endpoint types.
- Implement and manage Local Security Policies on standalone systems or systems not governed by domain policies.

Security Compliance:
- Define security baselines for different endpoint types (e.g., workstations, servers, mobile devices) based on industry standards and organizational requirements.
- Ensure all endpoints meet or exceed defined security compliance standards.
- Conduct regular compliance audits and generate reports on the security posture of endpoints.

Policy Testing and Validation:
- Test new and modified Group Policies and Local Security Policies in a controlled environment before deployment.
- Validate the impact of policy changes on system functionality and user experience.

Documentation and Reporting:
- Maintain comprehensive documentation of all Group Policies and Local Security Policies.
- Create and update standard operating procedures for policy management and enforcement.
- Prepare regular reports on endpoint compliance status for management and auditors.

Collaboration and Training:
- Work closely with IT operations, security teams, and business units to ensure policies meet both security and operational needs.
- Provide training and guidance to IT staff on Group Policy and Local Security Policy management.

Continuous Improvement:
- Stay informed about the latest Windows security features and best practices.
- Recommend and implement improvements to enhance endpoint security posture.

Incident Response Support:
- Assist in incident response efforts by quickly implementing policy changes when needed.
- Analyze policy effectiveness in preventing or mitigating security incidents.

Other Desired Skills:
- Familiarity with scripting (e.g., PowerShell, Python, Bash) for automating endpoint security tasks.
- Knowledge of cloud-based endpoint security (e.g., AWS, Azure) is a plus.
- Familiarity with SIEM tools (e.g., Splunk, LogRhythm) for endpoint security monitoring and alerting.
- Certified Endpoint Protection Professional (CEPP), Certified Ethical Hacker (CEH), GIAC Endpoint Security (GESP), or other relevant certifications.
- DoD 8140 compliance, CompTIA Security+ or higher
- Must have Active Secret Clearance

Oneida Technical Solutions, LLC is an equal opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, national origin, age, disability, marital status, veteran status, sexual orientation, gender identity, genetic information or any other protected characteristic under applicable law.
