We're expanding our cybersecurity team as part of a high-impact effort supporting the U.S. Air Force through Enterprise IT as a Service (EITaaS) Wave 1. This role focuses on hardening endpoint systems within a secure, classified environment, critical to protecting sensitive systems and information. If you're passionate about policy enforcement, endpoint hardening, and making a difference in national defense infrastructure, we want to hear from you.

What You'll Do:
In this role, you'll lead efforts to define, deploy, and manage endpoint security policies, ensuring compliance and protection across desktops, laptops, and other endpoint devices. You'll work with Active Directory, Group Policy Objects (GPOs), and Local Security Policies to implement best-in-class defense strategies, while collaborating with other security teams to keep our environment resilient.

Key Responsibilities:

Policy Management & Enforcement
- Design and maintain GPOs to secure Windows-based endpoints
- Develop and manage Local Security Policies for standalone or non-domain systems
- Regularly review and update policies based on new threats, standards, or system changes
- Troubleshoot GPO conflicts and application issues

Security & Compliance
- Define security baselines for various endpoint types (e.g., workstations, servers, mobile)
- Ensure compliance with internal security policies and external frameworks (NIST, ISO 27001, HIPAA, etc.)
- Conduct audits and generate reports on endpoint security posture
- Support rapid policy changes during security incidents

Testing & Validation
- Test GPO and security policy updates in isolated environments
- Validate changes for compatibility and performance impact
- Document policy implementations, exceptions, and results

Collaboration & Support
- Work closely with IT operations, infrastructure, and cybersecurity teams
- Provide training and guidance on policy management to support staff
- Contribute to cross-team security initiatives and projects

Continuous Improvement
- Stay current on Windows security features and evolving threats
- Recommend improvements to strengthen endpoint defense strategies
- Assist in tuning policies to balance usability and security

Required:
- 10+ years of experience in endpoint security, IT security, or a related cybersecurity role
- Deep experience managing Active Directory and Group Policy
- Strong understanding of Windows security and endpoint protection strategies
- Experience with EDR and antivirus platforms
- Knowledge of network protocols, malware behaviors, and patching tools
- Familiarity with PowerShell scripting for policy automation and reporting
- Clear understanding of compliance frameworks (NIST, PCI-DSS, HIPAA, ISO 27001)
- Excellent troubleshooting and problem-solving abilities
- Strong communication skills for working with both technical and non-technical teams
- Active Secret Clearance
- DoD 8140 compliance - CompTIA Security+ (or equivalent)

Preferred:
- Experience with endpoint security in cloud environments (AWS, Azure)
- Familiarity with SIEM tools like Splunk or LogRhythm
- Knowledge of scripting in Python or Bash
- Experience with vulnerability scanning and management tools
- Certified Endpoint Protection Professional (CEPP)
- Certified Ethical Hacker (CEH)
- GIAC Endpoint Security (GESP)
- Additional security or compliance certifications
Date Posted: 02 April 2025