Enterprise Architect - Endpoint Management

About The Position

Requirements

• A BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated.
• 9+ years as an Enterprise Architect
• Active Secret Clearance
• Microsoft Certified: Cyber Security Architect Expert or Microsoft Certified: Azure Solutions Architect Expert.

Nice To Haves

• Active or recent previous DHA experience HIGHLY desired.
• DoD Military Training: F07DZZ1 or M03385G or M10395B or M223854 or A-150-0045 now W-250-0750 or A-531-0021 or W-250-0750 or A-150-3400 now W-250-0750 or A-150-1980 or A-150-1202 or A-150-1203 or A-150-1250 or A-150-1855 / A-150-1940 or A-113-0205 or A-113-0175 or A-113-0018 
• Proven history of delivering data driven solutions with a customer-first mindset.
• Certification(s): Cloud+ CISSO or GCIA or GCSA or GCLD or GICSP or CISSP-ISSAP or CISSP-ISSEP (Conditional Alternative or GLSC or CISSP)  

Responsibilities

• Provide advanced engineering support and Tier 3/4 support for endpoint solutions in the MHS hybrid cloud/on-prem environment, supporting secure and resilient desktop, mobile, and virtual endpoint operations for enterprise healthcare mission needs.
• Lead the continuous refinement of centrally managed frameworks for application integration, standard OS image management, endpoint provisioning, security compliance, and service monitoring for all DHA-managed endpoints across physical and virtual platforms.
• Sustain management solutions—including application packaging, deployment, patching, and configuration of baseline endpoint and mobile applications—ensuring full compliance with DoD, DHA, and DISA policies, tools, and procedures.
• Implement endpoint security controls and solutions, validating compliance with IA controls, NIST and DoDI 8510.01 (RMF), DISA STIGs, Zero Trust strategies, and Defense-in-Depth methodologies throughout the endpoint lifecycle; maintain all associated IA/RMF/POA&M artifacts in eMASS.
• Direct complex transitions—including on-premises to M365 Co-Management and onto DoD IL5 cloud-native management—overseeing migration strategy, risk assessment, site readiness, and stakeholder engagement to ensure minimal user disruption and continuous security.
• Coordinate all aspects of application engineering, integration, packaging, testing, deployments, automations, and patch management for diverse clinical and enterprise applications, leveraging enterprise management tools (MECM, Intune, SCCM, etc.) and aligning all deployment actions to IAVM, NIST, and STIG baseline requirements.
• Provide oversight for engineering, architectural design, configuration, testing, and validation of desktop and mobile device images, group policies, task sequences, and endpoint management tools—including support for DAR (Data-at-Rest), user profile management, multi-use kiosks, in-place OS upgrades, and peripheral integration.
• Develop and implement methodologies, runbooks, and monitoring frameworks for proactive endpoint service health monitoring, incident response, automated remediation, performance optimization, and operational reporting—with full support for service continuity throughout cloud and SaaS transitions.
• Support mobile endpoint delivery solutions—encompassing firmware/OS upgrades, provisioning, security hardening, application validation, distribution, and MDM/UEM (Unified Endpoint Management) migration plans—to standardize end-user mobile experience and support continual modernization.
• Provide expert leadership and technical consulting for other teams and stakeholders, ensuring endpoint frameworks and monitoring capabilities are integrated across operational silos, enterprise applications, and IT service management functions.
• Maintain all endpoint and application baseline documentation, configuration items, engineering diagrams, and compliance records; ensure all endpoint solutions are discoverable, replicable, and fully documented for operational resiliency and audit readiness.
• Support operational excellence through adherence to ITIL4-driven incident, problem, change, and asset management procedures, driving continual improvement and lessons learned into modernization and sustainment strategies.
• Mentor, train, and supervise endpoint engineering staff in acquiring and maintaining 8140-aligned KSAT competencies, advancing team capability across all relevant work roles and emerging endpoint management technologies.
• Lead research, design, and development of low-level operating system, compiler, network distribution, embedded systems, and endpoint software supporting complex medical, military, and industrial applications; analyze requirements, set operational and compliance specifications, and deliver validated solutions using advanced computer science and engineering principles.

Benefits

• PTO including paid parental, military, and bereavement leave
• Eleven (11) paid Federal holidays, five of which are floating holidays (as designated by the company’s holiday schedule each year)
• Health and Dental Insurance (including 100% employer paid premiums for employee coverage under the HDHP health plan)
• Life Insurance, STD/LTD term disability coverage, with employer paid premiums
• 401 (k) plan with a match that is 100% vested after you complete two years of service
• FSA/DFSA/HSA flexible benefit plans
• Annual Tuition & Professional Development Reimbursement benefit