Configuration Engineer (Clearance Required)

About The Position

Requirements

• Bachelor's degree in IT, Computer Science, Engineering, or related field; or equivalent experience.
• At least 5 years of experience as a Systems Engineer working with SCCM/MECM
• At least 1 year of experience with Microsoft Intune.
• At least 1 year of experience with PowerShell, SQL query language, software distribution, and patching.
• Active Public Trust – High Risk, Tier 4 or Top Secret level clearance

Nice To Haves

• 1+ year of experience with Patch My PC
• Hold role relevant certifications: Microsoft 365 Certified: Modern Desktop Administrator Associate or Microsoft 365 Certified: Endpoint Administrator Associate
• Expert knowledge of Microsoft System Center Configuration Manager (SCCM/MECM)
• Experienced with Security Best Practices, DISA STIGs, and Vulnerability Management

Responsibilities

• Build, test, and deploy software packages and patches using SCCM/MECM and Microsoft Intune.
• Troubleshoot SCCM/MECM and Intune issues to include problems with applications, patches, software updates, client connectivity, and OS deployments.
• Create custom reports and dashboards via SCCM/MECM's reporting tool.
• Perform routine system maintenance, including OS upgrades and security patching on laptops, desktops, VMs, and servers utilizing SCCM/MECM and Intune.
• Assist system owners in other divisions and offices in triaging issues and escalating tickets as required.
• Develop automated scripts (e.g., PowerShell, SQL queries) to optimize system management and patch deployment.
• Produce and maintain technical documentation and related best practices.
• Create and modify domain objects, groups, and policies in Active Directory and Group Policy Management.
• Conduct regular security vulnerability scans and audits on all IT systems using approved agency tools.
• Analyze scan results, prioritize findings based on risk levels, and develop detailed remediation plans in alignment with agency security policies.
• Review and apply security hardening guidelines (e.g., DISA STIGs, CIS Benchmarks).
• Ensure secure baseline configurations are established, documented, and maintained across the IT environment.
• Coordinate with system owners and IT assignment teams to ensure timely application of security patches and updates.
• Track patch compliance, report deviations, and escalate critical unpatched vulnerabilities as needed.
• Analyze emerging application enhancements that benefit business models.
• Provide input and best practice recommendations to current and future policies and procedures as needed or requested.

Benefits

• opportunities for growth and advancement