SITEC - Endpoint Security Lead - MacDill AFB

Peraton requires Systems Administrator – Security (SR) to support the Special Operation Command Information Technology Enterprise Contract (SITEC) – 3 EOM.  This position is located at MacDill AFB in Florida. The purpose of the Special Operations Forces Information Technology Enterprise Contract (SITEC) 3 Enterprise Operations and Maintenance (EOM) Task Order (TO) is to provide USSOCOM, its Component Commands, its Theater Special Operations Commands (TSOCs), and its deployed forces with Operations and Maintenance (O&M) services to maintain Network Operations (NetOps); maintain systems and network infrastructure; provide end user and common device support; provide configuration, change, license, and asset management; conduct training, and perform Install, Move, Add, Change (IMACs) services. The responsibilities and tasks associated with each requirement play a pivotal role to USSOCOM, the CIO/J6 organization, and ultimately the end-user who operate around the globe 24x7x365. The Systems Administrator – Security (SR) is a highly motivated Endpoint and Cloud Security Lead who is responsible for leading the technical support, administration, and continuous improvement of our endpoint and cloud security solutions, with a primary focus on Trellix Endpoint Security Suite (ESS) and the Microsoft Defender Suite. This role has a deep understanding of modern security principles, hands-on experience with the specified technologies, and the ability to lead and mentor a team of security professionals to achieve technical and service objectives. Lead the deployment, configuration, and maintenance of Trellix Endpoint Security Suite (ESS) and the full Microsoft Defender Suite (including Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, and Defender for Office 365). Ensure all endpoint and cloud security platforms are optimized for performance, availability, and security. Develop and implement custom security policies, rules, and signatures to address emerging threats and vulnerabilities. Collaborate with infrastructure, software development, and identity and access management (IAM) teams to integrate security into all aspects of the technological environment. Develop and maintain comprehensive documentation for security configurations and standard operating procedures (SOPs). Administer the ePO server, which includes managing security policies, creating and running queries for data collection, and automating the deployment of various endpoint modules to ensure consistent protection across all systems. Ensure all systems are compliant with internal security policies and external directives (e.g., DISA STIGs, USCYBERCOM orders). This includes preparing for and supporting security inspections and audits. Administer the complete Microsoft Defender Suite, including Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, and Defender for Office 365, to ensure a holistic security posture. Oversee the complete lifecycle of endpoint security agents, including deployment, updates, health monitoring, and decommissioning. Lead the successful integration and operationalization of all new endpoint security solutions. This responsibility involves weaving the new technology into our existing security fabric, establishing and documenting standard operating procedures (SOPs) for daily use, and ensuring its ongoing health and effectiveness through routine maintenance, performance tuning, and lifecycle updates.