Windows and McAfee Senior Network Engineer/System Administrator presso Diaconia LLC

Description

Key Tasks:

• Design, engineer, update, and maintain ePolicy Orchestrator implementations across the enterprise.
• Ensure compliance with DISA STIGs, DoD ICAM Reference Design, and DoDI 8520.03.
• Design, build, and test configuration items such as task sequences, group policy objects, and system upgrades.
• Research, analyze, and implement operational solutions across various technologies and operating systems using on-premises Group Policy, cloud-enabled policies, and Kiosk configurations for Windows, Linux, iOS, MacOS, ChromeOS, and Android endpoints.
• Design, research, engineer, and deploy strategies for policy distribution in high-security cloud environments.
• Provide Site Administrator support and Enterprise monitoring for Group Policy Objects, including initial troubleshooting and      the addition of Security Groups to Group Policy Objects.
• Expertise in DoD security directives, DISA STIGs, and DHA cybersecurity requirements 

 Disclaimer "The responsibilities and duties outlined in this job description are intended to describe the general nature and level of work performed by employees within this role. However, they are not exhaustive and may be subject to change or modification at any time to meet the evolving needs of the organization. 

Requirements

Minimum Technical Skills and Experience Required

• Active Directory (AD) & Domain Controller (DC) Administration
  • 5+ years managing Windows Server environments with  Active Directory in large/complex networks.
  • Deep understanding of AD replication, Kerberos, LDAP, Group Policy, and FSMO roles.
  • Familiarity with performance tuning and  troubleshooting on DCs.
• Windows Server Administration
  • Expertise in Windows Server 2016/2019/2022 internals, registry, event logs, and system services.
  • Knowledge of Windows security baselines (CIS, DISA  STIG).
  • Prior experience deploying enterprise tools on DCs  (AV, endpoint protection, vulnerability scanning).
• McAfee ePolicy Orchestrator (ePO) & Policy Auditor
  • Experience configuring, deploying, and managing agents/policies through ePO.
  • Understanding of Policy Auditor content packs, custom checks, and compliance reporting.
• Security Compliance & Vulnerability Management
  • Ability to map technical checks to compliance  frameworks (e.g., NIST 800-53, PCI-DSS, SOX).
  • Familiarity with vulnerability and patch management processes.
• Performance & Monitoring Tools
  • Skilled with Windows PerfMon, Resource Monitor, and event tracing to baseline DC performance.
  • Ability to correlate PA scan impact with AD health (replication monitoring, dcdiag, repadmin).
• Scripting & Automation
  • Proficiency in PowerShell to automate pre-deployment health checks, reporting, and rollbacks.
  • Experience integrating scan results into SIEM dashboards or compliance workflows.

Education & Certifications

• A BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science
• Relevant continuing education in enterprise security or systems administration
• Secret Clearance
• Microsoft Certified: Cyber Security Architect Expert or Microsoft Certified: Azure Solutions Architect Expert OR

Microsoft Certified: Azure Administrator Associate or Microsoft Certified: Windows Server Hybrid Administrator Associate

• Highly Desired – Any of the following:
  • CompTIA Security+ CE
  • CISSP
  • CISA
  • GIAC Certified Windows Security Administrator (GCWN)  or GIAC Security Essentials (GSEC)
  • Trellix Certified Product Specialist (ePO)