Zero Trust Security Engineer - SME

Overview The Government Publishing Office (GPO) SecDevOps program provides advanced security, development, and operations support to safeguard federal information systems and infrastructure. This initiative integrates cybersecurity best practices with agile development and IT operations to ensure continuous security, compliance, and resilience across GPO’s enterprise IT services. The mission is to protect and enable GPO’s digital transformation by delivering secure, scalable, and reliable IT services in alignment with federal cybersecurity mandates and operational excellence standards. DecisionPoint Corporation is seeking a Zero Trust Security Engineer – SME to serve as the subject matter expert for Zero Trust Architecture (ZTA) implementation across GPO enterprise systems. This role leads Defender for Endpoint deployment and configuration efforts, drives continuous enterprise cybersecurity improvements, and ensures alignment with NIST, RMF, and FISMA frameworks. As a key advisor to the IT Security Division, this individual will oversee enterprise risk posture, technical validation, and optimization of cybersecurity operations. Location: Remote – candidates located in the Washington, DC metropolitan area (DMV) are highly preferred. Clearance Requirement: Must be able to obtain and maintain a Public Trust clearance. Note: By applying to this position, you acknowledge and consent to having your resume included in an active competitive government contract bid. Duties & Responsibilities Oversee technical planning, scripting, testing, and enterprise-wide deployment of Microsoft Defender for Endpoint agents. Coordinate onboarding of target endpoints using Microsoft Intune or Active Directory Group Policy. Ensure proper telemetry reporting, endpoint visibility, and adherence to Microsoft security best practices. Create and maintain security control test results, asset inventories, and remediation documentation in GRC repositories. Contribute to RMF artifact generation such as POA&Ms, data flow diagrams, and patch/upgrade schedules. Ensure all documentation reflects the latest changes to production environments and security tools. Lead architectural reviews and risk posture assessments to identify cybersecurity gaps and recommend remediation strategies. Evaluate logging efficiency, rule tuning, and threat detection performance across SIEM and endpoint platforms. Conduct quarterly executive reviews and operational touchpoints to align security posture with mission goals. Contribute to the development and maintenance of RMF documentation (POA&Ms, Security Assessment Reports, Security Plans). Validate and document security controls for systems affected by Defender and other ZTA tooling. Ensure compliance with NIST SP 800-53, 800-37, and FISMA standards across security solutions. Qualifications Minimum Experience: 10 years of experience in cybersecurity engineering, with 3+ years in Zero Trust or endpoint security domains. Minimum Education: Bachelor’s degree in Computer Science, Information Systems, other related disciplines (or equivalent experience) Technical Knowledge: Demonstrated expertise with Microsoft Defender suite, Intune, and Azure-based security solutions. Proven ability to lead enterprise-wide cybersecurity solution design, deployment, and validation. Federal experience (preferred) Certifications: Microsoft Certified: Security Operations Analyst Associate (SC-200), Microsoft Certified: Cybersecurity Architect Expert (SC-100), or CISSP (Certified Information Systems Security Professional) required. Our Equal Employment Opportunity Policy EEO and Affimative Action Policy: DecisionPoint Corporation is an Equal Employment Opportunity and Affimative Action employer. It is the policy of DecisionPoint Corporation to provide equal employment opportunity in accordance with all applicable Equal Employment Opportunity/Affimative Action laws, directives and regulations to all employees and qualified applicants without regard to race, ethnicity, color, religion, national origin, sex, age, disability status, pregnancy, sexual orientation, gender identity, genetic information, protected veteran status, or any other protected status under Federal, State or Local laws. Pay Transparency Policy: In accordance with Presidential Executive Order 13665, DecisionPoint Corporation will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. Authorization to Share Resume and Personal Information: By expressing your interest and submitting your resume for this position, you authorize DecisionPoint Corporation to share your resume, as well as personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should DecisionPoint Corporation. or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents. #J-18808-Ljbffr