Provides Tier II/III technical expertise on all aspects of McAfee endpoint security point products.
Work with government counterparts to seek approval for Host IPS exclusions and policy tuning.
Assist sites in the deployment of McAfee point products, as well as troubleshooting point product deployment, IPS blocks, and connectivity issues.
Review and provide analysis on Host IPS, Endpoint Security Platform, and McAfee Agent log files.
Track network wide compliance with DISA Baseline requirements for the McAfee point products.
Provide regular analysis and reporting of tracked data within the ePO. Troubleshoot policy enforcement to point products.
Understand when a change request is necessary for specific actions and be able to carry a request through the change management process.
Prepare sites for command cyber readiness inspections, and regular security inspections done on the site’s own accord.
Regularly review security technical implementation guides and apply new changes and configurations to policies.
Work collectively with other teams that have ownership over endpoint configurations to implement proper security configurations.
Work collaboratively with other teams to solve problems and provide solutions to issues on endpoints in relation to McAfee point products.
Work collaboratively with the cyber security analysts to provide relevant information regarding incidents from ePO data.
Actively communicate with the customer base to effectively solve problems and troubleshoot incidents at the site level.
Develop strong resources and technical guidance for the field based on relevant endpoint security procedures.
Experience with McAfee ePolicy Orchestrator (HBSS)
At least 6+ years of relevant experience in a CND or SOC role
At least 2+ years of Advanced Threat exposure and analysis
Clearance Requirement: TS/SCI
Required Baseline Certs:
IAT III 8570 Baseline Certification
CISSP, CASP or equivalent CSSP Infrastructure:
Must obtain Intel McAfee Certified Product Specialist – EPO and Intel McAfee Certified Product Specialist - HIPS within 180 days of starting in the position.
Candidates must be willing and able to attain a CI Polygraph for certain positions as determined by the contract
Travel may be required to support the mission
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.