Endpoint Security Analyst (Microsoft Defender) - MDE Analyst
Resource Management Concepts, Inc.
Posted: March 30, 2026
Job Description
Resource Management Concepts, Inc. (RMC) provides high-quality, professional services to government and commercial sectors. Our mission is to deliver exceptional management and technology solutions supporting the protection and preservation of the people and environment of the United States of America.
The Naval Information Warfare Center (NIWC) Atlantic Defensive Cyberspace Operations (DCO) Integrated Product Team (IPT) is charged with the mission of conducting Defensive Cyberspace Operations to defend subscriber networks. The DHA Cybersecurity Operations Center (CyOC) coordinates and orchestrates the execution of cybersecurity activities at the DoD Component scale to protect information systems against unauthorized activity, vulnerabilities, or threats.
RMC is hiring an experienced Endpoint Security Analyst (Microsoft Defender). The Endpoint Security Analyst is responsible for the technical administration, operational response, and management of the enterprise's Microsoft Defender platform with a focus on Microsoft Defender for Endpoint (MDE). The role ensures the health and security of all enrolled endpoints, manages security policies to meet compliance directives, and serves as a subject matter expert on advanced endpoint threat mitigation. This position performs hands-on triage of security events using the Microsoft 365 Defender portal, develops advanced hunting queries, validates security configurations for policy compliance, and reports confirmed incidents to the NIWC CSSP.
Requirements:
Core Responsibilities
• Platform Administration - Build, maintain, and optimize the Microsoft Defender for Endpoint environment. Manage technical changes, respond to escalated Tier II/III issues, assist with compatibility evaluations, and perform root cause analysis on platform issues.
• Security Operations & Triage - Proactively monitor and evaluate MDE alerts for malicious activity. Perform initial triage, tune prevention policies (e.g., Attack Surface Reduction), develop custom detection rules using Kusto Query Language (KQL), and report confirmed incidents to the NIWC CSSP.
• Compliance & Readiness - Validate and enforce endpoint security configurations against STIG and TASKORD directives to ensure policy compliance. Audit and validate the endpoint security posture for CCRI/CORA readiness and report events for compliance monitoring.
• Policy & Deployment - Implement the strategy for endpoint onboarding, security policy tuning, and the rollout of new MDE capabilities (e.g., Threat & Vulnerability Management, EDR) across the enterprise.
Required Qualifications
• Experience: A minimum of three years of experience administering an enterprise Endpoint Detection & Response (EDR) platform within a DoD context.
• Position may require up to 25% travel to various OCONUS and CONUS locations as needed [EOE AA M/F/Veteran/Disability]
• Clearance: Secret with T5 Investigation
• Certifications: Must possess DoD 8570 IAT Level II.
• Education: Bachelor's degree in a related field or five years of equivalent professional experience.
• Citizenship: Must be a US Citizen.
• Core Skills:
• Excellent problem-solving, analytical, and communication abilities.
• Ability to collaborate effectively with multiple teams in a fast-paced environment.
• Strong understanding of common enterprise technologies and cybersecurity principles.
Highly Desired Skills
• Microsoft Defender Expertise: Deep knowledge of the Microsoft Defender for Endpoint platform, including Threat & Vulnerability Management, Attack Surface Reduction, Next-Generation Protection, EDR, and Automated Investigation & Response.
• Advanced Threat Hunting: Proficiency in writing and developing advanced threat hunting queries using Kusto Query Language (KQL).
• Systems Administration: Strong background in both Windows and Linux OS administration in a large enterprise (2,000+ servers).
• SIEM Integration: Experience developing security-focused content and dashboards in Splunk using Microsoft 365 Defender data.
Benefits:
At RMC, we're committed to your career growth! RMC differentiates itself from other firms through its investment in our employees. We invest our resources to train, certify, educate, and build our employees.
RMC can offer you a great place to work with a small company feel and give you the experience, tuition assistance, and certifications that will take your career to the next level. This also includes a competitive paid vacation package with 11 paid federal holidays. We also offer high-quality, low-deductible healthcare plans, pet insurance, and a competitive 401K package.
Salary at RMC is determined by various factors, including but not limited to location, a candidate's specific combination of education, knowledge, skills, competencies, and experience, as well as contract-specific requirements. The current salary range for this position will be $105,000 to $123,900 (annually).