Sr. Systems Engineer; Endpoint Detection & Response
Listed on 2026-07-08
-
IT/Tech
Systems Engineer, Cybersecurity -
Engineering
Systems Engineer, Cybersecurity
Themis Insight solves difficult business, IT, and analytic problems by addressing the whole problem – not just the symptoms – using interdisciplinary approaches that are both practical and innovative. We provide fresh alternatives to ordinary, mainstream consulting firms through small, highly skilled, and hand-picked teams that can meet clients' needs in any industry. Our broad interdisciplinary understanding allows us to provide the right solution, even if it is from outside the industry or traditionally defined problem space.
We bring Public and Private, Civilian and Military expertise to every case.
We are hiring a Sr. Systems Engineer (Endpoint Detection & Response) to work in Fort Meade, MD
. Position location is subject to change based on central MD client's needs.
Required: TS/SCI with a Polygraph
DescriptionThe Senior Systems Engineer (Level
3) serves as a principal technical leader and subject matter expert within the National Security Agency’s Enterprise Endpoint Detection and Response (EDR) Program. Operating in a highly classified, multi-domain infrastructure, the successful candidate will drive the strategic architectural design, end-to-end integration, deployment, and optimization of premier endpoint security platforms, specifically Microsoft Defender for Endpoint (MDE) and Trellix HX. This critical role bridges high-level systems architecture with operational defense capabilities, ensuring total endpoint visibility, robust threat containment, and resilient configuration management across all enterprise and mission‑critical assets to defend national security infrastructure against sophisticated cyber threats.
Duties And Responsibilities
The Systems Engineer 3 is responsible for leading the lifecycle engineering and scale‑out architecture of MDE and Trellix HX across hybrid environments, including on‑premises, cloud, and virtual desktop infrastructures (VDI). This includes authoring complex system engineering and implementation plans, tuning agent configurations and exclusion policies to eliminate mission friction, and monitoring overall endpoint health engineer will collaborate closely with threat hunting and intelligence analysts to translate actionable threat intelligence into custom technical indicators of compromise (IOCs), utilizing Kusto Query Language (KQL) and YARA rules.
Additionally, the individual will act as a primary technical advisor to Government stakeholders on system risks and engineering considerations, provide advanced forensic support to the SOC during critical high‑priority incidents, and actively mentor junior and mid‑level engineering personnel within the program.
- Twenty (20) years experience as a SE in programs and contracts of similar scope, type and complexity is required. Demonstrated experience in planning and leading Systems Engineering efforts is required. Bachelor’s degree in System Engineering, Computer Science, Information Systems, Engineering Science, Engineering Management, or related discipline from an accredited college or university is required. Five (5) years of additional SE experience may be substituted for a bachelor’s degree.
- Microsoft Defender for Endpoint (MDE) Expertise:
Proven engineering experience with MDE architecture, deployment strategies via MECM/SCCM or Intune, policy ring management, and advanced hunting using Kusto Query Language (KQL). - Trellix HX Expertise:
Demonstrated experience engineering, deploying, and managing Trellix HX (formerly Fire Eye) controllers and agents within airgapped or highly restricted networks, including the creation of OpenIOC and YARA rules. - Operating System & Forensic Knowledge:
In-depth technical understanding of Windows, Linux, and macOS internals, including file systems, registry structures, and process execution mechanics. - Professional Standards:
Compliance with DoD 8570/8140 IAM Level II or III baseline certifications.
- Vendor
Certifications:
Microsoft Certified:
Security Operations Analyst Associate (SC-200), Azure Security Engineer Associate (AZ-500), or Trellix Certified Engineering credentials. - Methodologie…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).