Apply on Employer Site

FEDITC · 4 months ago

Windows Domain Controller Active Directory and Trellix McAfee ePolicy Orchestrator Administrator

San Antonio, TX

Full-time

Onsite

Senior Level

5+ years exp

FEDITC, LLC is a fast-growing business supporting DoD and other intelligence agencies worldwide. They are seeking a Windows Domain Controller/Active Directory and Trellix/McAfee ePolicy Orchestrator Administrator to design, implement, and manage ePolicy Orchestrator implementations while ensuring compliance with security standards in high-security environments.

ConsultingCyber SecurityGovernmentInformation Technology

Work & Life Balance

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Design, engineer, update, and maintain ePolicy Orchestrator implementations across the enterprise

Ensure compliance with DISA STIGs, DoD ICAM Reference Design, and DoDI 8520.03

Design, build, and test configuration items such as task sequences, group policy objects, and system upgrades

Research, analyze, and implement operational solutions across various technologies and operating systems using on-premises Group Policy, cloud-enabled policies, and Kiosk configurations for Windows, Linux, iOS, MacOS, ChromeOS, and Android endpoints

Design, research, engineer, and deploy strategies for policy distribution in high-security cloud environments

Provide Site Administrator support and Enterprise monitoring for Group Policy Objects, including initial troubleshooting and the addition of Security Groups to Group Policy Objects

Expertise in DoD security directives, DISA STIGs, and DHA cybersecurity requirements

Qualification

Active Directory AdministrationWindows Server AdministrationMcAfee ePolicy OrchestratorSecurity ComplianceScripting & AutomationPerformance MonitoringVulnerability ManagementTechnical Checks MappingGroup Policy ManagementDoD Security DirectivesPowerShell

Required

United States Citizenship

Active Secret DoD Security Clearance

5+ years managing Windows Server environments with Active Directory in large/complex networks

Deep understanding of AD replication, Kerberos, LDAP, Group Policy, and FSMO roles

Expertise in Windows Server 2016/2019/2022 internals, registry, event logs, and system services

Knowledge of Windows security baselines (CIS, DISA STIG)

Prior experience deploying enterprise tools on DCs (AV, endpoint protection, vulnerability scanning)

Experience configuring, deploying, and managing agents/policies through ePO

Understanding of Policy Auditor content packs, custom checks, and compliance reporting

Ability to map technical checks to compliance frameworks (e.g., NIST 800-53, PCI-DSS, SOX)

Familiarity with vulnerability and patch management processes

Skilled with Windows PerfMon, Resource Monitor, and event tracing to baseline DC performance

Ability to correlate PA scan impact with AD health (replication monitoring, dcdiag, repadmin)

Proficiency in PowerShell to automate pre-deployment health checks, reporting, and rollbacks

Experience integrating scan results into SIEM dashboards or compliance workflows

A BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science

Relevant continuing education in enterprise security or systems administration

Microsoft Certified: Cyber Security Architect Expert or Microsoft Certified: Azure Solutions Architect Expert or Microsoft Certified: Azure Administrator Associate or Microsoft Certified: Windows Server Hybrid Administrator Associate

Active Secret clearance is required

Must be a United States Citizen and pass a background check

Maintain applicable security clearance(s) at the level required by the client and/or applicable certification(s) as requested by FEDITC and/or required by FEDITC'S Client(s)/Customer(s)/Prime contractor(s)