Endpoint Engineer, TS/SCI (Reston, VA)

About the position The Endpoint Security Engineer is a critical member of a highly skilled Cybersecurity team supporting an intelligence agency. This role focuses on designing, implementing, and maintaining endpoint security solutions, with a strong emphasis on leveraging Microsoft Defender to protect sensitive networks, devices, and data. The engineer collaborates with stakeholders to integrate advanced cyber defense capabilities, ensures operational continuity, and responds to security incidents to safeguard mission-critical operations. Responsibilities • Deploy, configure, and manage Microsoft Defender for Endpoint to protect against advanced threats, including malware, intrusions, and unauthorized access. • Design and implement endpoint security architectures, ensuring compliance with intelligence community standards and DoD directives. • Conduct system configuration, installation, and optimization of Microsoft Defender and related tools to meet present and future mission requirements. • Provide expert support for enterprise-wide endpoint security solutions, including policy management, threat detection, and incident response. • Collaborate with vendors and agency stakeholders to research, analyze, and enhance endpoint security capabilities using Microsoft Defender. • Oversee sustainment and advanced configuration of security infrastructure, including database administration and security management tools. • Lead the investigation, documentation, and reporting of security incidents, driving the development of corrective measures. • Deliver detailed status reports and technical recommendations to senior management and intelligence community stakeholders. Requirements • Extensive experience with Microsoft Defender for Endpoint, including deployment, configuration, policy management, and threat hunting. • 3+ years of technical experience in Cybersecurity, with a focus on endpoint security in high-stakes environments. • Proven ability to maintain enterprise cybersecurity solutions in large-scale, global networks within a fast-paced, mission-driven setting. • Familiarity with DoD Architecture Framework and intelligence community network architecture standards. • Hands-on experience with Windows Enterprise Active Directory, Linux (RHEL), and VMware virtualization. • Strong understanding of endpoint security technologies, including host intrusion prevention, malware detection, and endpoint detection/response (EDR). • DOD 8570 IAT Level II certification. • Must obtain CSSP Infrastructure Support certification (e.g., CEH, CySA+) within 6 months of hire. • Excellent communication skills for delivering technical reports and collaborating with cross-functional teams. Nice-to-haves • Experience with additional endpoint security tools such as HBSS, Carbon Black, or Tanium. • Knowledge of user/entity behavioral analysis and rogue system detection. • Prior work in intelligence community environments supporting classified missions. Benefits • Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans). • Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans. • 12 corporate holidays and a Flexible Time Off (FTO) program. • Healthy mobile phone and home internet allowance. • Eligibility for retirement plan after 2 months at open enrollment. • Pet Benefit Option. Apply tot his job