Microsoft Subject Matter Expert (SME)

The Microsoft SME will be responsible for providing advanced engineering and technical support for enterprise endpoint environments, with a primary focus on Microsoft and Windows platforms. The engineer will play a critical role in implementing new solutions, leveraging existing tools to support security logging and auditing, and administering information security functions for endpoint baselines. This includes managing updates, upgrades, policy administration, and validation for secure access to segmented environments (both cloud and non-cloud). The role requires a strong focus on endpoint engineering, imaging, patch management, identity integration, and security compliance, rather than standard help desk support.

• Enterprise Windows Support: Provide high-level engineering support for enterprise Windows environments, including Microsoft 365 administration and Active Directory integrations.
• Endpoint Imaging and Automation Engineering: Build and maintain Windows (and macOS) workstation images. Manage image automation, validation, rollback, and version control processes. Integrate images with Virtual Desktop Infrastructure (VDI), Endpoint Detection and Response (EDR), authentication, and logging agents.
• Patch and Configuration Management: Utilize tools such as Ivanti and/or KACE for OS and application patching. Manage configuration drift, execute remediation workflows, and provide comprehensive reporting. Validate patches post-deployment and support necessary rollback procedures.
• Device Enrollment and Identity Engineering: Leverage Microsoft Intune and Windows Autopilot for robust provisioning, deployment, and compliance enforcement. Implement and manage advanced authentication methods, including passwordless authentication and hardware-backed credentials (e.g., YubiKey, CAC, software keys).
• Logging, Monitoring, and Telemetry: Configure robust endpoint logging (e.g., Windows Event Logs). Forward and validate logs into SIEM/EDR platforms (such as MS Sentinel) to support forensic collection, audit readiness, and continuous monitoring.
• Security Administration: Assist in administering all information security functions for the Windows baselines, including updates, upgrades, policy administration, and validation for special access to segmented environments.
• Documentation: Develop and maintain detailed technical documentation, operational procedures, and configuration baselines.
• Compliance: Actively support federal security and compliance requirements through rigorous engineering practices and under formal change control, audit, and security governance processes.

• Clearance & Background: Must possess an active Top Secret security clearance.
• Education: A Bachelor’s degree in Information Technology, Cybersecurity, or a related field (or equivalent experience) is preferred.

Experience:

• A minimum of eight (8) years of overall experience in Information Technology, Endpoint Engineering, or Cybersecurity.
• A minimum of six (6) years of dedicated experience performing advanced engineering (not help desk) functions in complex enterprise environments.
• Demonstrated experience working under formal change control, audit, and security governance processes.

Required Technical Skills:

• Extensive experience supporting enterprise Windows environments.
• Hands-on experience and proficiency with Microsoft Intune, Windows Autopilot, Active Directory, and Microsoft 365 administration.
• Experience with patch management and deployment tools such as Ivanti and KACE.
• Deep expertise in endpoint security, patch management, and device lifecycle management.
• Experience supporting virtual desktop and remote access technologies.
• (Familiarity with JAMF for macOS management is highly beneficial as environments are often mixed).

Physical Demands: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• While performing the duties of this job, the employee may be regularly required to stand, sit, talk, hear, reach, stoop, kneel, and use hands and fingers to operate a computer, telephone, keyboard, and standard office equipment
• Specific vision abilities required by this job include close vision requirements due to computer workThe employee must occasionally lift and/or move up to 15 pounds
• Fine hand manipulation (keyboarding)

Work Environment: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Exposure to general office conditions while conducting office duties
• Moderate noise (i.e., business office with computers, phone, and printers, light traffic)
• Ability to work in a confined area
• Ability to sit at a computer terminal for an extended period

Working at Edgewater Federal Solutions:
Edgewater Federal Solutions is a privately held government contracting firm located in Frederick, MD. The company was founded in 2002 with the vision of being highly recognized and admired for supporting customer missions through employee empowerment, exceptional services, and timely delivery. Edgewater Federal Solutions is ISO 9001, 20000-1, 270001 certified, appraised at CMMI Level 3 Maturity for Development and Services, and has been named in the Top Workplaces in the Greater Washington Area Small Companies since 2018.

Edgewater Federal Solutions is an Equal Opportunity Employer. It has been and continues to be our policy to provide equal employment to all employees and applicants for employment without regard to race, color, religion, gender, national origin, age, disability, marital status, veteran status and/or other status protected by applicable law.