SITEC - Cyber Engineer - MacDill AFB

Peraton requires Systems Engineers to support the Special Operation Command Information Technology Enterprise Contract (SITEC) – 3 EOM. 

This position is located at MacDill AFB in Florida.   

The purpose of the Special Operations Forces Information Technology Enterprise Contract (SITEC) 3 Enterprise Operations and Maintenance (EOM) Task Order (TO) is to provide USSOCOM, its Component Commands, its Theater Special Operations Commands (TSOCs), and its deployed forces with Operations and Maintenance (O&M) services to maintain Network Operations (NetOps); maintain systems and network infrastructure; provide end user and common device support; provide configuration, change, license, and asset management; conduct training, and perform Install, Move, Add, Change (IMACs) services. The responsibilities and tasks associated with each requirement play a pivotal role to USSOCOM, the CIO/J6 organization, and ultimately the end-user who operate around the globe 24x7x365. 

• Engineer solutions for comprehensive device discovery, vulnerability patching, and continuous compliance posture assessments
• deploy advanced EDR/XDR capabilities to continuously monitor, detect, and automatically respond to endpoint threats
• Integrate host-based firewalls and ZTNA agents to enable network data flow mapping, host-level micro-segmentation, and Software Defined Perimeters
• Design and enforce strict application whitelisting and continuous application telemetry monitoring to ensure only authorized workloads execute on endpoints
• Develop custom scripts (PowerShell, Python) to automate agent health checks, forced remediations, and Zero Trust policy enforcement on diverse operating systems.
• Create authoritative system design documents that explicitly map endpoint engineering configurations to DoD Zero Trust capability requirements.
• Engineer telemetry pipelines to reliably route endpoint logs, behavioral alerts, and compliance state data to centralized SIEMs and Zero Trust policy engines.
• Conduct rigorous interoperability testing between multiple endpoint security agents to prevent system conflicts, kernel panics, and resource exhaustion.

Required Qualifications:

• Min 12 years with HS degree, 10 years with AS/AA degree, 8 years with BS/BA, 6 years with MS/MA
• DoD 8570 IAT II Certification  
• DoD TS/SCI clearance 

Desired Qualifications:

• Broad general experience deploying, administering, and migrating between various commercial endpoint security products (e.g., Trellix, Symantec, CrowdStrike, SentinelOne, Carbon Black).
• Experience managing and securing endpoints across diverse enterprise operating systems, including Windows, macOS, and Linux distributions.
• Familiarity with digital forensics and incident response (DFIR) methodologies, specifically regarding remote endpoint data collection and analysis.
• Experience utilizing endpoint configuration management tools (e.g., MECM/Intune, Ansible, Tanium) to enforce software baselines and continuous compliance.
• General knowledge of malware behavior, threat intelligence integration, and translating indicators of compromise (IoCs) into endpoint blocking rules.