Systems Admin - Vulnerability Management Coordination / Windows Admin

ASM Research-posted about 4 hours ago
Full-time • Mid Level
Chesapeake, VA
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

The Patching / SCCM Administrator will provide Tier III IT operations support across the Office of Information Management (OIM) and SC mission systems, with a focus on endpoint management, patching, and compliance. This role is responsible for operating and maintaining Microsoft Endpoint Configuration Manager (SCCM), Intune, and related patching infrastructure, ensuring timely updates, secure baselines, and compliance with DOE directives and federal IT standards. The ideal candidate will have strong expertise in Windows desktop/server patching, automation, and reporting, while supporting hybrid environments and evolving enterprise service delivery models.

  • Plan, schedule, and deploy Windows OS and application patches across servers and endpoints in accordance with OIM policy.
  • Validate patch compliance against secure configuration baselines and DOE directives.
  • Perform pre- and post-patch testing, documenting results and mitigating issues.
  • Maintain patch deployment records, including maintenance logs, validation history, and compliance reports.
  • Collaborate with cybersecurity teams to remediate vulnerabilities identified through patching gaps.
  • Administer and maintain Microsoft Endpoint Configuration Manager (SCCM), including collections, deployments, task sequences, and reporting.
  • Support Microsoft Intune for mobile device and modern endpoint management.
  • Develop and maintain automation scripts (PowerShell, Azure CLI) to streamline patching and endpoint management tasks.
  • Manage software distribution, OS imaging, and application packaging for enterprise endpoints.
  • Monitor SCCM infrastructure health, including site servers, distribution points, and SQL databases.
  • Continuously monitor patch compliance, endpoint health, and SCCM infrastructure performance.
  • Generate and deliver compliance reports to leadership and stakeholders.
  • Track and report on capacity utilization, resource consumption, and licensing compliance.
  • Detect and resolve patching failures, bottlenecks, and outages in line with SLAs.
  • Maintain and update the Configuration Management Database (CMDB) with patching and endpoint configuration items.
  • Submit all patching changes via the OIM-approved change management system in accordance with the Change Control Review (CCR) process.
  • Evaluate proposed changes for technical and cybersecurity risk, ensuring compliance with secure baselines.
  • Maintain documentation of patching SOPs, SCCM configurations, and endpoint policies, reviewed quarterly or after major changes.
  • Bachelor’s Degree in Information Technology, Computer Science or a related field or equivalent relevant experience; Master’s Degree preferred.
  • 7-10 years of experience in information technology, systems administration or other IT related field.
  • Demonstrated technical proficiency equivalent to industry-recognized certifications, such as: Microsoft Certified: Endpoint Administrator Associate, Microsoft Certified: Windows Server Hybrid Administrator Associate, CompTIA Security+ or Network+.
  • Vendor-specific certifications in endpoint security or patch management platforms.
  • Proficiency in PowerShell scripting, SCCM administration, and automation tools.
  • Strong knowledge of Windows OS patching, SCCM infrastructure, Intune, and compliance frameworks.
  • Ability to support Windows, macOS, and Linux endpoints as required.
  • Familiarity with federal IT compliance standards (e.g., FISMA, NIST SP 800-53).
  • Experience with hybrid endpoint management (SCCM + Intune).
  • Familiarity with vulnerability management tools (e.g., Tenable, Qualys) and integration with patching workflows.
  • Strong troubleshooting skills for patch deployment failures, SCCM infrastructure issues, and endpoint compliance gaps.
  • Excellent documentation and communication skills for compliance reporting and operational transparency.
  • Knowledge of federal government IT best practices and standards.
  • Experience with continuous monitoring and incident response in a federal environment.
  • Ability to work under federal IT security protocols and procedures.
  • Understanding and application of FISMA (Federal Information Security Management Act) requirements.
  • Familiarity with NIST (National Institute of Standards and Technology) Special Publications, particularly SP 800-53 (Security and Privacy Controls for Information Systems and Organizations).
  • Experience with the RMF process for federal information systems, including system categorization, control selection, implementation, assessment, and continuous monitoring.
  • Strong skills in incident detection, response, and recovery, following federal guidelines and protocols.
  • Knowledge of cloud security principles and best practices, particularly relating to the security of cloud services used by the federal government (e.g., FedRAMP).
Track Jobs with Teal

Job Search Resources

Resume Builder
Resume Examples
Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service