Systems Administrator (Modern Desktop, AVD & Security)

About The Position

Requirements

• Education: Bachelor’s Degree in Computer Science, Information Technology, or a related field is required.
• Experience: Minimum of 6 years of relevant professional experience in systems administration or endpoint engineering.
• Microsoft Intune: Expert capability in modern management, Win32 app packaging, and compliance policies.
• Azure Virtual Desktop (AVD): Experience managing AVD images, Host Pools, and multi-session Windows 10/11 environments via Intune.
• Core Windows Troubleshooting: Mastery of Event Logs (System/Application/Security), Registry manipulation, Service dependencies, and Intune Management Extension (IME) log analysis.
• Security Tools: Proficiency with Microsoft Defender, KQL querying, and the Federal "Prevuln" lifecycle.
• Hardware: Deep experience troubleshooting Windows 10/11 on Surface and ASUS NUC hardware (drivers, UEFI, firmware).
• Agile Suite: Hands-on experience with Jira (sprints/boards) and Confluence.
• Communication: Strong ability to coordinate between technical teams (Security Ops, Device Management) and non-technical stakeholders.
• Documentation: Disciplined approach to maintaining audit trails and compliance logs.

Nice To Haves

• Prior experience supporting Federal Government agencies or working in a government contracting environment.
• Familiarity with Developer environments (VSCode, WSL configurations).
• Certifications in Microsoft Modern Desktop (MD-102), Azure Virtual Desktop (AZ-140), or Security (SC-200).

Responsibilities

• Modern Endpoint & AVD Management
• Physical Fleet Management: Oversee the lifecycle, imaging, and onboarding of physical endpoints, specifically Microsoft Surface Pro tablets, ASUS NUCs, and 5G-enabled devices.
• Azure Virtual Desktop (AVD): Manage AVD Host Pools and Session Hosts, ensuring they are enrolled in and managed by Microsoft Intune just like physical devices.
• Intune Engineering: Troubleshoot complex Company Portal issues (app visibility, uninstall failures) and manage device policy conflicts across both physical and virtual (AVD) endpoints.
• Configuration Integrity: Maintain drive mappings, FSLogix profiles, and consistent user experiences across local "COF" devices and AVD sessions.
• Security Operations & Federal Compliance
• Vulnerability Management: Utilize Microsoft Defender for Endpoint (TVM/KQL) to identify high/critical vulnerabilities across physical and AVD environments.
• Audit Readiness (POA&M): Maintain rigorous daily documentation of remediation actions to satisfy Federal POA&M (Plan of Action and Milestones) requirements.
• Hardening: Implement application whitelisting (e.g., Calabrio, Developer tools) and validate trusted publisher/certificate paths.
• Agile Project Management & Documentation
• Sprint Workflow: Actively participate in team sprints using Jira to track planned engineering work (e.g., AVD image updates, software rollouts) separate from reactive support tickets.
• Knowledge Base: Create and maintain technical "How-To" guides, meeting artifacts, and system documentation in Confluence to ensure cross-team knowledge sharing.
• Reporting: Translate outcomes from high-level technical syncs (Security/Prevuln) into actionable Jira stories.
• Software Deployment & AI Readiness
• Packaging: Prepare and deploy applications (e.g., Microsoft Visio) using Intune Win32 packaging, employing custom detection rules to ensure deployment success on both NUCs and AVD.
• Copilot Enablement: Support the rollout of Microsoft Copilot for Edge, including testing licensing capacity, validating behavior, and documenting governance/uninstall criteria.
• Change Management: Execute off-hours rollouts and manage user communications to minimize disruption.
• Service Management (ITSM) & Advanced Troubleshooting
• Root Cause Diagnostics: Go beyond basic fixes by utilizing Windows Event Viewer, Registry Editor, and log analysis (Intune Management Extension logs) to diagnose OS stability issues and application crashes.
• Incident Resolution: Open, update, and resolve ServiceNow (SNOW) incidents related to endpoint performance, connectivity, and software errors.

Benefits

• Health Care Plan (Medical, Dental & Vision)
• Retirement Plan (401k, IRA)
• Life Insurance (Basic, Voluntary & AD&D)
• Paid Time Off (Vacation, Sick & Public Holidays)
• Family Leave (Maternity, Paternity)
• Short Term & Long Term Disability
• Training & Development
• Work From Home