Windows Desktop and OS Engineer

Summary

Join SES as a Microsoft Windows engineer SME to support GSA customers' hardware, software, and operating systems. Maintain and manage Active Directory Group Policies for Windows 11, evaluate security hardening, and investigate OS issues. Manage MBAM hard drive encryption, engineer Windows 10 to 11 migrations, and prepare documentation. Provide Tier 3 support, escalate issues to vendors, and test GSA baseline images and hardware. This role requires a Public Trust Clearance, ITILv4 Foundation Certification (obtainable within 120 days of hire), and extensive Windows experience.

Requirements

• Public Trust Clearance by start date
• ITILv4 Foundation Training and ITILv4 Foundation Certification, may be obtained within 120 days after hire
• Previous experience implementing Windows 11 in a large enterprise environment
• Minimum of 8 years as Windows engineer
• 2+ years working with Windows 11
• Must be willing to work a variety of shifts, including holidays as scheduled
• Applies fundamental concepts, processes, practices, and procedures on technical assignments. Performs work that requires practical experience and training. Work is performed under supervision
• Proven ability to work independently in a full and/or partial remote environment with limited supervision and may supervise/lead others
• Possess the ability to communicate in both oral and written forms, demonstrating an ability to communicate effectively with all levels of staff as well as clients
• Maintain standard working hours per the DIGIT contract and to be available for meetings, and other collaborative efforts during working hours
• Demonstrated ability to apply comprehensive knowledge across key tasks and high impact assignments with the ability to use practical experience and training to determine how to accomplish tasks
• 10 - 15 years of experience and bachelor's degree
• Experience as a remote worker demonstrating time management and self discipline with cultural change management and Agile mindset
• If remote, maintain home workspace in a safe manner, free from safety hazards and in line with information security policies
• Communicate verbally in person, over the phone or by video chat and clearly/succinctly in writing, primarily utilizing a keyboard
• Appear on camera for meetings with co-workers and government partners via video chat and ensure the protection of proprietary company and customer information is consistent with the company’s expectation of information security
• Viewing computer screens and sitting for long periods of time
• Travel is not required
• Can plan and prioritize work. Follows tasks to their logical conclusion and makes sure that everything has been done to the right standard. Good attention to detail
• Able to enthuse and maintain project interest. Comfortable working both individually and as part of a team. Prepared to challenge ideas within a group in a constructive way
• Ability to communicate clearly and efficiently to team members and clients, verbally and in writing. Able to present ideas in a variety of ways depending upon audience and context. Excellent active listening skills
• Ability to determine process measures and track to determine process effectiveness and efficiency
• Natural inclination for planning strategy and tactics. Ability to analyze problems and determine root cause, generating alternatives, evaluating, and selecting alternatives and implementing solutions
• Able to drive things forward regardless of personal interest in the task

Responsibilities

• Maintain and manage Active Directory Group Policies for WIndows 11 desktop operating systems
• Evaluate and apply Security Hardening guide Group Policies to Windows workstations
• Maintain and manage Active Directory Group Policies for applications such as Microsoft Office, Edge, Google Chrome and various client GPO setting requirements
• Investigate Application, browser and OS issues that stem from GPO settings and work with security for approved exceptions to the hardening guides
• Manage MBAM (Microsoft BitLocker Administration and Monitoring) hard drive encryption for all GSA Win11 PCs including legacy key retrieval
• Engineer and migrate other organizations and/or agencies from Windows 10 to Windows 11
• Prepares documentation of methods and procedures
• Contributes to the development of sections of systems engineering documentation such as KIOSK configuration and Hardware Certification
• GSA Baseline image testing
• Hardware and Peripheral evaluation, testing and certification for use in GSA
• Test and maintain BIOS guide for each model desktop/laptop in GSA
• Provide Tier 3 support to ITSD/DSS/ATS (IT Support) for Hardware/Software/Configuration issues
• Escalate issues to vendor and third-party entities, as necessary and directed by the Government

Preferred Qualifications

• Microsoft certifications
• Experience with Scripting in Powershell and using BigFix to create BigFix Actions Scripts
• Experience with HCL BigFix, VMware, SolarWinds, Active Directory
• Proficiency in the Google Suite (Gmail, Calendar, Chat, Meet, Docs, Slides, Sheets), Microsoft Office (Word, Excel, PowerPoint, Outlook), Slack, ServiceNow, NetIQ AD/GPO Directory Management tool, WinBatch, Visual Basic, and PowerShell scripting

Benefits

• Medical
• Dental
• Vision
• AD&D
• STD
• LTD
• Company paid Life Insurance
• 401k with employer contribution
• Paid Time Off
• Pet Insurance