user avatar

Microsoft SME 102225

Information Technology Engineering Corporation

Posted today

Job Requirements

Frederick, MD
Top Secret Polygraph None
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries

Job Description

Microsoft SME

Location: Frederick, MD

Required Clearance: Secret

 

Since 1999, ITEC has delivered mission-critical support to the DoD and Intelligence Community. Now part of ManpowerGroup Public Sector (MGPS), we continue that work with expanded capabilities. Employees hired through this process will join MGPS and receive a comprehensive benefits package and competitive pay.

 

Job Description:

The Microsoft SME will be responsible for providing advanced engineering and technical support for enterprise endpoint environments, with a primary focus on Microsoft and Windows platforms. The engineer will play a critical role in implementing new solutions, leveraging existing tools to support security logging and auditing, and administering information security functions for endpoint baselines. This includes managing updates, upgrades, policy administration, and validation for secure access to segmented environments (both cloud and non-cloud). The role requires a strong focus on endpoint engineering, imaging, patch management, identity integration, and security compliance, rather than standard help desk support.

 

Responsibilities:

  • Enterprise Windows Support: Provide high-level engineering support for enterprise Windows environments, including Microsoft 365 administration and Active Directory integrations.
  • Endpoint Imaging and Automation Engineering: Build and maintain Windows (and macOS) workstation images. Manage image automation, validation, rollback, and version control processes. Integrate images with Virtual Desktop Infrastructure (VDI), Endpoint Detection and Response (EDR), authentication, and logging agents.
  • Patch and Configuration Management: Utilize tools such as Ivanti and/or KACE for OS and application patching. Manage configuration drift, execute remediation workflows, and provide comprehensive reporting. Validate patches post-deployment and support necessary rollback procedures.
  • Device Enrollment and Identity Engineering: Leverage Microsoft Intune and Windows Autopilot for robust provisioning, deployment, and compliance enforcement. Implement and manage advanced authentication methods, including passwordless authentication and hardware-backed credentials (e.g., YubiKey, CAC, software keys).
  • Logging, Monitoring, and Telemetry: Configure robust endpoint logging (e.g., Windows Event Logs). Forward and validate logs into SIEM/EDR platforms (such as MS Sentinel) to support forensic collection, audit readiness, and continuous monitoring.
  • Security Administration:
    • Assist in administering all information security functions for the Windows baselines, including updates, upgrades, policy administration, and validation for special access to segmented environments.
  • Documentation:
    • Develop and maintain detailed technical documentation, operational procedures, and configuration baselines.
  • Compliance:
    •  Actively support federal security and compliance requirements through rigorous engineering practices and under formal change control, audit, and security governance processes.

 

Qualifications:

  • Clearance & Background: Must possess an active Top Secret security clearance.
  • Education: A Bachelor’s degree in Information Technology, Cybersecurity, or a related field (or equivalent experience) is preferred.

 

Experience:

  • A minimum of eight (8) years of overall experience in Information Technology, Endpoint Engineering, or Cybersecurity.
  • A minimum of six (6) years of dedicated experience performing advanced engineering (not help desk) functions in complex enterprise environments.
  • Demonstrated experience working under formal change control, audit, and security governance processes.

 

Required Technical Skills:

  • Extensive experience supporting enterprise Windows environments.
  • Hands-on experience and proficiency with Microsoft Intune, Windows Autopilot, Active Directory, and Microsoft 365 administration.
  • Experience with patch management and deployment tools such as Ivanti and KACE.
  • Deep expertise in endpoint security, patch management, and device lifecycle management.
  • Experience supporting virtual desktop and remote access technologies.
  • (Familiarity with JAMF for macOS management is highly beneficial as environments are often mixed).
group id: 91138733B
job ad image
Find Information Technology Engineering Corporation on Social Media
other imageOther
Network Employers
user avatar
About Us
Since 1999, ITEC has maintained a strong and reputable presence in support of DoD and Intelligence community mission-critical programs. Our strong company culture, competitive pay, great benefits package, and our friendly, welcoming atmosphere allows us to retain the most skilled technical resources in the industry. ITEC offers its employees a comprehensive benefits and recognition program.
See Information Technology Engineering Corporation profile
job ad2 image

Information Technology Engineering Corporation Jobs

Clearance Level
Top Secret