McAfee HBSS Engineering & Administration - TS/SCI with Polygraph

McAfee HBSS/ESS Engineer

We are seeking highly motivated engineers with a passion for learning to support a geographically dispersed, state-of-the-art system that seamlessly integrates Linux and Microsoft services. Ideal candidates will have demonstrated expertise in operating and optimizing Host-Based Security System (HBSS) and Endpoint Security Solutions (ESS) within a Microsoft Windows Server environment. A strong working knowledge of HBSS and the McAfee solution suite is essential for success in this role.

Role Overview

The selected candidate will design and implement solutions within a large-scale, multi-domain enterprise Windows Server and Desktop environment, including select hybrid domains with Red Hat Enterprise Linux (RHEL) integration. Operating within a DevOps framework, engineers will be responsible for the full IT project lifecycle, including:

• Refining requirements
• Developing design documentation
• Creating installation and deployment plans
• Providing operations and maintenance (O&M) support
• Project assignments will vary based on skill level and may include:
• Engineering geographically dispersed services
• Integrating solutions into public, private, and hybrid cloud environments
• Implementing automation-driven configuration management
• Ensuring compliance with security and SCAP standards

Key Responsibilities

• Provide McAfee HBSS/ESS support across multiple classification levels
• Optimize system performance and troubleshoot HBSS components within complex environments
• Deploy, maintain, and configure McAfee clients to align with evolving standards
• Monitor HBSS software to ensure operational integrity and proper reporting
• Maintain compliance with Department of Defense (DoD) security standards and guidelines
• Manage and troubleshoot HBSS-related management systems

Required Skills & Experience

• Expertise in McAfee HBSS/ESS design and management
• Advanced knowledge of McAfee ePolicy Orchestrator (ePO)
• Experience with HBSS modules, including:
    - McAfee Agent (MA)
    - Host Intrusion Prevention System (HIPS)
    - Data Loss Prevention (DLP)
    - Policy Auditor (PA)
    - VirusScan Enterprise (VSE)
    - Rogue System Detection (RSD)
    - Asset Baseline Monitor (ABM)
    - Asset Configuration Compliance Module (ACCM)
• Proficiency in policy analysis for HIPS firewall, application whitelisting, and intrusion prevention exclusions
• Experience using vulnerability assessment tools such as Nessus, SCAP, STIGs, checklists, and SRGs
• Administration and maintenance of ACAS Security Center and ACAS Nessus scanner
• Experience with:
  - Microsoft or RHEL system engineering and administration (preferred)
    - Cloud-based PaaS solutions (AWS or Azure) (preferred)
    - Work management tools (JIRA, ServiceNow)

Certifications & Clearance

Required: CompTIA Security+ or equivalent (IAT Level II DoD 8570)

Preferred:

DoD 301 HBSS Advanced Administrator Course

DoD 501 HBSS Analyst Course

Clearance: TS/SCI with Polygraph

Education: Bachelor’s degree in a related field

Experience: 8+ years of relevant experience

Location: On-site at customer location

US Citizenship Required

Why Join GDIT?

At GDIT, we invest in our employees and provide opportunities for professional growth and career advancement. Benefits include:

401(k) match

Comprehensive health and wellness packages

Dedicated internal mobility team

Paid education and certifications

Exposure to cutting-edge technology

Generous paid vacation and holidays

Join us and take your career to the next level in a mission-critical environment.