SITEC - Endpoint Security Engineer - MacDill AFB

Program Overview

Peraton provides USSOCOM, its Component Commands, Theater Special Operations Commands (TSOCs), deployed forces, CIO/J6, and end-users with high-quality IT platform and network services over an eight-year period.

About The Role

Peraton requires System Engineers to support the Special Operation Command Information Technology Enterprise Contract (SITEC) – 3 EOM.  This position is located at MacDill AFB in Florida.

The purpose of the Special Operations Forces Information Technology Enterprise Contract (SITEC) 3 Enterprise Operations and Maintenance (EOM) Task Order (TO) is to provide USSOCOM, its Component Commands, its Theater Special Operations Commands (TSOCs), and its deployed forces with Operations and Maintenance (O&M) services to maintain Network Operations (NetOps); maintain systems and network infrastructure; provide end user and common device support; provide configuration, change, license, and asset management; conduct training, and perform Install, Move, Add, Change (IMACs) services. The responsibilities and tasks associated with each requirement play a pivotal role to USSOCOM, the CIO/J6 organization, and ultimately the end-user who operate around the globe 24x7x365.

The Systems Engineer is a motivated Endpoint and Cloud Security professional responsible for the technical support, administration, and ongoing maintenance of our endpoint and cloud security solutions, with a primary focus on the Trellix Endpoint Security Suite (ESS) and the Microsoft Defender Suite. This role requires a solid understanding of modern security principles and hands-on experience with the specified technologies to ensure the operational health and effectiveness of our security posture.

• Engineer and Optimize Security Platforms: Lead the continuous tuning and hardening of the Trellix and Microsoft Defender suites. Go beyond default configurations to optimize performance, reduce agent overhead, and increase detection efficacy.
• Collaborate with infrastructure, application support, and identity and access management (IAM) teams to support security integrations across the technology environment.
• Work to ensure all systems remain compliant with internal security policies and external directives (e.g., DISA STIGs, USCYBERCOM orders), including preparing for and supporting security inspections and audits.
• Ensure all endpoint and cloud security platforms are correctly configured and optimized for performance, availability, and security under the guidance of senior team members.
• Perform the deployment, configuration, and maintenance of the Trellix Endpoint Security Suite (ESS) and the full Microsoft Defender Suite (including Defender for Endpoint, Identity, Cloud Apps, and Office 365).
• Automate Security Operations: Identify and eliminate manual processes by developing automation scripts and playbooks (e.g., using PowerShell, Python, or SOAR capabilities) for tasks such as agent health remediation, incident data enrichment, and compliance reporting.
• Modernize and Integrate the Security Stack: Engineer robust integrations between endpoint security platforms and other ecosystem tools (e.g., SIEM, SOAR, Threat Intelligence Platforms) using APIs to streamline workflows and enhance overall security visibility.
• Enhance Attack Surface Reduction: Systematically analyze the environment using tools like Defender's Threat & Vulnerability Management (TVM) and Trellix insights to identify and engineer solutions that reduce the enterprise attack surface.
• Optimize Telemetry and Data Collection: Fine-tune endpoint agent policies and sensor configurations to produce high-value, low-noise data streams. Ensure endpoint and application detection and protection rules are implemented based on environmental considerations.
• Manage Platform Health and Lifecycle: Contribute to the strategic lifecycle management of endpoint agents and infrastructure, planning for major version upgrades, testing new features, and ensuring the long-term health and scalability of the platforms.
• Serve as a Technical Expert: Act as a technical resource for the Security Operations Center (SOC) during complex incident response scenarios, providing deep platform-specific expertise.
• Create and Maintain Engineering-Level Documentation: Document custom configurations, automation scripts, integration architectures, and advanced operational procedures to ensure solutions are supportable and scalable.

Qualifications

Required Qualifications:

• Min 9 years with HS Diploma, 7 years AS/AA degree, 5 years with BS/BA degree, 3 years with MS/MA
• A DoD TS/SCI clearance is required
• DoDD 8570.01-M IAT II

Desired Qualifications:

• Endpoint Security Platform Management
• Threat Detection and Analysis
• Security Automation and Scripting
• SIEM Integration and Optimization
• Cloud Security Principles
• Network and System Fundamentals
• Compliance and Security Frameworks
• Problem Solving and Troubleshooting
• Technical Documentation
• Continuous Learning and Adaptability

SCA / Union / Intern Rate or Range

Details

Target Salary Range: $104,000 - $166,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

Benefits Statement: Peraton offers eligible employees a variety of benefits including medical, dental, vision, life, health savings account, short/long term disability, EAP, parental leave, 401(k), paid time off (PTO) for vacation, and company paid holidays. A full listing of available benefits can be viewed at

Application Duration Statement: The application period for the job is estimated to be 30 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.