Endpoint Engineer (TS)

Koniag Government Services, LLC•Washington, DC

About The Position

Koniag Emerging Technologies, LLC (KET), a Koniag Government Services (KGS) company, is hiring an Endpoint Engineer to support our government customer in Washington DC. Position requires an active Top Secret/SCI clearance with ability to obtain additional security requirements. Please do not apply if you do not possess the required Top Secret Clearance. We are seeking a highly skilled Endpoint Engineer to support the full lifecycle management of enterprise endpoint devices across a secure, mission-critical environment. This role is responsible for designing, deploying, securing, and maintaining Windows and macOS endpoints at scale. The ideal candidate brings deep expertise in endpoint management platforms, operating system deployment, patching strategies, vulnerability remediation, and Tier 3 escalation support. This position requires a strong understanding of modern endpoint security principles, including Zero Trust alignment, and the ability to operate within a DoD-compliant environment. This role is critical to maintaining secure, compliant, and high-performing endpoint environments within a DoD enterprise. The Endpoint Engineer will serve as a senior technical resource, driving endpoint strategy, enforcing security standards, and ensuring operational excellence across the enterprise.

Requirements

Minimum 5+ years of IT experience, with a strong focus on endpoint/client engineering
Hands-on experience managing Windows and macOS environments at enterprise scale
Proven experience with endpoint management tools such as: Microsoft Endpoint Configuration Manager (MECM) Microsoft Intune Jamf (for macOS environments) Tanium BigFix
Experience with OS imaging, patching, and vulnerability remediation processes
Strong troubleshooting skills supporting Tier 3 endpoint issues
Associate’s to Bachelor’s degree in information technology, Computer Science, or related field (preferred)
Must meet DoD 8140 baseline requirements for System Administrator (451): One or more of the following required: CompTIA Security+ GIAC Security Essentials (GSEC) CompTIA Cloud+ SSCP CASP+ CISSP
T3 Level: Microsoft MD-102 CompTIA Security+
T4 Level (Senior): Microsoft MD-102 Microsoft SC-200 (or endpoint security specialty equivalent) SSCP or CISSP
TS/SCI security clearance required, candidate will not be considered without.

Nice To Haves

Jamf Certified Admin (for macOS environments)
Microsoft SC-200
Endpoint Detection & Response (EDR) vendor certifications
Zero Trust endpoint architecture training
Advanced digital forensics and incident response training
Enterprise MDM-at-scale expertise
Strong understanding of Zero Trust and endpoint security principles
Ability to operate in high-security, mission-critical environments
Excellent problem-solving and troubleshooting skills
Strong communication skills across technical and non-technical stakeholders
Ability to balance operational support with engineering improvements

Responsibilities

Manage the full lifecycle of endpoint devices (Windows and macOS), including provisioning, configuration, maintenance, and decommissioning
Design, develop, and maintain OS imaging and deployment solutions for Windows 10/11 and macOS environments
Execute patch management strategies across multiple platforms (MECM, Intune, Jamf, BigFix, Tanium)
Perform vulnerability remediation in coordination with cybersecurity teams and compliance frameworks
Provide Tier 3 escalation support for complex endpoint issues, including root cause analysis and resolution
Implement and maintain endpoint security controls aligned with DoD STIGs and Zero Trust architecture
Automate endpoint management tasks using scripting and enterprise tools
Collaborate with engineering, cybersecurity, and cloud teams to ensure optimized and compliant endpoint configurations
Maintain documentation, SOPs, and operational runbooks for endpoint management processes
Support enterprise endpoint monitoring, reporting, and performance optimization