Sr. Systems Engineer (Endpoint Detection & Response)

Themis Insight•Fort Meade, MD

2d•Onsite

About The Position

Themis Insight solves difficult business, IT, and analytic problems by addressing the whole problem – not just the symptoms – using interdisciplinary approaches that are both practical and innovative. We provide fresh alternatives to ordinary, mainstream consulting firms through small, highly skilled, and hand-picked teams that can meet clients' needs in any industry. Our broad interdisciplinary understanding allows us to provide the right solution, even if it is from outside the industry or traditionally defined problem space. We bring Public and Private, Civilian and Military expertise to every case. We are hiring a Sr. Systems Engineer (Endpoint Detection & Response) to work in Fort Meade, MD. Position location is subject to change based on central MD client's needs. Required: TS/SCI with a Polygraph Description: The Senior Systems Engineer (Level 3) serves as a principal technical leader and subject matter expert within the National Security Agency’s Enterprise Endpoint Detection and Response (EDR) Program. Operating in a highly classified, multi-domain infrastructure, the successful candidate will drive the strategic architectural design, end-to-end integration, deployment, and optimization of premier endpoint security platforms, specifically Microsoft Defender for Endpoint (MDE) and Trellix HX. This critical role bridges high-level systems architecture with operational defense capabilities, ensuring total endpoint visibility, robust threat containment, and resilient configuration management across all enterprise and mission-critical assets to defend national security infrastructure against sophisticated cyber threats.

Requirements

Twenty (20) years experience as a SE in programs and contracts of similar scope, type and complexity is required.
Demonstrated experience in planning and leading Systems Engineering efforts is required.
Bachelor’s degree in System Engineering, Computer Science, Information Systems, Engineering Science, Engineering Management, or related discipline from an accredited college or university is required. Five (5) years of additional SE experience may be substituted for a bachelor’s degree.
Microsoft Defender for Endpoint (MDE) Expertise: Proven engineering experience with MDE architecture, deployment strategies via MECM/SCCM or Intune, policy ring management, and advanced hunting using Kusto Query Language (KQL).
Trellix HX Expertise: Demonstrated experience engineering, deploying, and managing Trellix HX (formerly FireEye) controllers and agents within airgapped or highly restricted networks, including the creation of OpenIOC and YARA rules.
Operating System & Forensic Knowledge: In-depth technical understanding of Windows, Linux, and macOS internals, including file systems, registry structures, and process execution mechanics.
Professional Standards: Compliance with DoD 8570/8140 IAM Level II or III baseline certifications.
TS/SCI with a Polygraph clearance required.

Nice To Haves

Vendor Certifications: Microsoft Certified: Security Operations Analyst Associate (SC-200), Azure Security Engineer Associate (AZ-500), or Trellix Certified Engineering credentials.
Methodologies & Toolsets: Experience with Model-Based Systems Engineering (MBSE), Cameo, and workflow management within the Atlassian Suite (Jira, Confluence).
Technical Frameworks: Familiarity with NSA Technical Manual Standards (e.g., NSA DS-89) and defense-in-depth engineering principles.
Core Competencies: Strong record of team collaboration, exceptional transparency in managing high-consequence infrastructure, and an aptitude for developing technical leadership pipelines.

Responsibilities

Leading the lifecycle engineering and scale-out architecture of MDE and Trellix HX across hybrid environments, including on-premises, cloud, and virtual desktop infrastructures (VDI).
Authoring complex system engineering and implementation plans.
Tuning agent configurations and exclusion policies to eliminate mission friction.
Monitoring overall endpoint health at scale.
Collaborating closely with threat hunting and intelligence analysts to translate actionable threat intelligence into custom technical indicators of compromise (IOCs), utilizing Kusto Query Language (KQL) and YARA rules.
Acting as a primary technical advisor to Government stakeholders on system risks and engineering considerations.
Providing advanced forensic support to the SOC during critical high-priority incidents.
Actively mentoring junior and mid-level engineering personnel within the program.

Benefits

Competitive health, dental, and vision plans with 100% paid premiums.
401k: We contribute 6% even if you don't!
Time Off: 11 standard holidays, and 25 days of PTO
Career Development: Get career counseling and individualized career development plans, including education and training.
Employee referral bonuses for successful hires

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume