Systems Engineer 3
The Senior Systems Engineer (Level 3) serves as a principal technical leader and subject matter expert within the National Security Agency’s Enterprise Endpoint Detection and Response (EDR) Program. Operating in a highly classified, multidomain infrastructure, the successful candidate will drive the strategic architectural design, end-to-end integration, deployment, and optimization of premier endpoint security platforms, specifically Microsoft Defender for Endpoint (MDE) and Trellix HX. This critical role bridges high-level systems architecture with operational defense capabilities, ensuring total endpoint visibility, robust threat containment, and resilient configuration management across all enterprise and mission critical assets to defend national security infrastructure against sophisticated cyber threats.
The Systems Engineer 3 is responsible for leading the lifecycle engineering and scale-out architecture of MDE and Trellix HX across hybrid environments, including on-premises, cloud, and virtual desktop infrastructures (VDI). This includes
authoring complex system engineering and implementation plans, tuning agent configurations and exclusion policies to eliminate mission friction, and monitoring overall endpoint health at scale. The engineer will collaborate closely with threat hunting and intelligence analysts to translate actionable threat intelligence into custom technical indicators of compromise (IOCs), utilizing Kusto Query Language (KQL) and YARA rules. Additionally, the individual will act as a primary technical advisor to Government stakeholders on system risks and engineering considerations, provide advanced forensic support to the SOC during critical high-priority incidents, and actively mentor junior and mid-level engineering personnel within the program.
Capabilities
- Manage system requirements and derived requirements to ensure the delivery of production systems that are compatible with the defined system architecture(s) — Department of Defense Architecture Framework (DoDAF), Service-oriented Architecture (SOA), etc.
- Contribute to the development of sections of systems engineering documentation such as System Engineering Plans, Initial Capabilities Documents, Requirements specifications, and Interface Control Documents
- Assist with the development of system requirements, functional requirements, and allocation of the same to individual hardware, software, facility, and personnel components
- Coordinate the resolution of action items from Configuration Control Board (CCB) meetings, design reviews, program reviews, and test reviews that require cross-discipline coordination
- Participate in an Integrated Product Team to design new capabilities based upon evaluation of all necessary development and operational considerations
- Allocate real-time process budgets and error budgets to systems and subsystem components
- Generate alternative system concepts, physical architectures, and design solutions
- Define the methods, processes, and evaluation criteria by which the systems, subsystems and work products are verified against their requirements in a written plan
- Develop system design solution that satisfies the system requirements and fulfills the functional analysis
- Review and provide input to program and contract work breakdown structure (WBS), work packages and the integrated master plan (IMP)
- Participate in the development of system engineering documentation, such as System Engineering Plans, Initial Capabilities Documents, Requirements Specifications, and Interface Control Documents
- Participate in interface definition, design, and changes to the configuration between affected groups and individuals throughout the life cycle
- Derive from the system requirements an understanding of stakeholder needs, functions that may be logically inferred and implied as essential to system effectiveness
- Derive lower-level requirements from higher-level allocated requirements that describe in detail the functions that a system component must fulfill, and ensure these requirements are complete, correct, unique, unambiguous, realizable, and verifiable
- Participate in establishing and gaining approval of the definition of a system or component under development (requirements, designs, interfaces, test procedures, etc.) that provides a common reference point for hardware and software developers
- Develop derived requirements for Information Assurance Services (Confidentiality, Integrity, Non repudiation, and Availability); Basic Information Assurance Mechanisms (e.g., Identification, Authentication, Access Control, Accountability); and Security Mechanism Technology (Passwords, cryptography, discretionary access control, mandatory access control, hashing, key management, etc.)
- Implement comprehensive SOA solutions
- Implement operational view, technical standards view, and system and services view for architectures using applicable DoDAF standards
- Review and/or approve system engineering documentation to ensure that processes and specifications meet system needs and are accurate, comprehensive, and complete
- Capture all interface designs in a common interface control format, and store interface data in a commonly accessible repository
- Assess each risk to the program and determine the probability of occurrence and quantified consequence of failure in accordance with an approved risk management plan
- In conjunction with system stakeholders, plan the verification efforts of new and unproven designs early in the development life cycle to ensure compliance with established requirements
- Prepare time-line analysis diagrams illustrating the flow of time-dependent functions
- Establish a process to formally and proactively control and manage changes to
- requirements, consider impacts prior to commitment to change, gain stakeholder buy-in, eliminate ambiguity, ensure traceability to source requirements, and track and settle open actions
- Manage and ensure the technical integrity of the system baseline over time, continually updating it as various changes are imposed on the system during the lifecycle from development through deployment and operations & maintenance
- Support the planning and test analysis of the DoD Certification/Accreditation Process (as well as other Government Certification and Accreditation (C&A) processes)
- Support the development and review of Joint Capability Integration Development System (JCIDS) documents (i.e., Initial Capability Document, Capabilities Description Document, IA Strategy)
- Provide technical direction for the development, engineering, interfacing, integration, and testing of specific components of complex hardware/software systems to include requirements elicitation, analysis and functional allocation, conducting systems requirements reviews, developing concepts of operation and interface standards, developing system architectures, and performing technical/non-technical assessment and management as well as end-to-end flow analysis
- Develop scenarios (threads) and an Operational Concept that describes the interactions between the system, the user, and the environment, that satisfies operational, support, maintenance, and disposal needs
- Conduct quantitative analysis in non-functional system performance areas like Reliability, Maintainability, Vulnerability, Survivability, Produce-ability, etc.)
- Establish and follow a formal procedure for coordinating system integration activities among multiple teams, ensuring complete coverage of all interfaces
- Develop comprehensive SOA solutions
- Develop operational view, technical standards view, and system and services view for architectures using applicable DoDAF standards
- Conduct and/or approve end-to-end system trade analyses to optimize system operations over its life-cycle through the proper balance of non-functional system performance areas
- Use validated models, simulations, and prototyping to mitigate risk and reduce cost of system development
- Ensure effective, periodic review and control of the evolving configuration of a system, both hardware and software components and associated documentation, during the life of the system
- Serve as a member of the CCB
- Develop system design alternatives that consider life cycle cost, reuse, complexity, risk, system expansion, and growth
- Develop alternative courses of action, workarounds, and fall back positions with a recommended course of action for each risk, and monitor and re-evaluate risks at appropriate milestones. Monitors risks using earned value management (EVM) data
- Maintain knowledge of current and evolving agency, national, and international standards applicable to the system development of interest. Apply and enforce use of suitable standards to ensure consistency and interoperability of developer hardware and software
- As a participant within an Analysis of Alternatives (AoA) effort, recommend a preferred solution based on selection criteria adjusted for reasonableness and validity of assumptions, technology limitations, environmental impact, and life-cycle costs
- Provide technical direction for the development, engineering, interfacing, integration, and testing of all components of complex hardware/software systems to include requirements elicitation, analysis and functional allocation, conducting systems requirements reviews, developing concepts of operation and interface standards, developing system architectures, and performing technical/non-technical assessment and management as well as end-to-end flow analysis
- Improve standard integration strategies based upon rationale for previous decisions that resulted in improved integration performance
- Fully define interfaces in terms of origination, destination, stimulus, and data characteristics for software; and electrical and mechanical characteristics for hardware
Required Qualifications
- TS/SCI with agency appropriate poly
- Twenty (20) years' experience as a SE in programs and contracts of similar scope, type and complexity is required.
- Demonstrated experience in planning and leading Systems Engineering efforts is required. Bachelor's degree in System Engineering, Computer Science, Information Systems, Engineering Science, Engineering Management, or related discipline from an accredited college or university is required.
- Five (5) years of additional SE experience may be substituted for a bachelor's degree.
Required Technical Skills
- Microsoft Defender for Endpoint (MDE) Expertise: Proven engineering experience with MDE architecture, deployment strategies via MECM/SCCM or Intune, policy ring management, and advanced hunting using Kusto Query Language (KQL).
- Trellix HX Expertise: Demonstrated experience engineering, deploying, and managing Trellix HX (formerly FireEye) controllers and agents within air-gapped or highly restricted networks, including the creation of OpenIOC and YARA rules.
- Operating System & Forensic Knowledge: In-depth technical understanding of Windows, Linux, and macOS internals, including file systems, registry structures, and process execution mechanics.
- Professional Standards: Compliance with DoD 8570/8140 IAM Level II or III baseline certifications
Desired Technical Skills
- Vendor Certifications: Microsoft Certified: Security Operations Analyst Associate (SC-200), Azure Security Engineer Associate (AZ-500), or Trellix Certified Engineering credentials.
- Methodologies & Toolsets: Experience with Model-Based Systems Engineering (MBSE), Cameo, and workflow management within the Atlassian Suite (Jira, Confluence).
- Technical Frameworks: Familiarity with Agency Technical Manual Standards (e.g., Agency DS-89) and defense-in-depth engineering principles.
- Core Competencies: Strong record of team collaboration, exceptional transparency in managing high-consequence infrastructure, and an aptitude for developing technical leadership pipelines.
The Benefits Package
- Wyetech believes in generously supporting employees as they prepare for retirement. The company automatically contributes 20% of each employee's gross compensation to a Simplified Employee Pension (SEP) IRA, with no requirement for employee matching. All contributions are fully vested from day one, ensuring immediate ownership of retirement funds.
- Wyetech provides a generous PTO plan of up to 200 hours annually, aligned with applicable state leave regulations. Employees have the flexibility to adjust their PTO allocation at the start of each calendar year, ensuring it meets their evolving needs.
- A Choice of Medical Plan Options, some with Health Savings Account (HSA)
- Vision and Dental
- Life and AD&D Benefits
- Short and Long-Term Disability
- Hospital Indemnity, Accident, and Critical Illness Insurances
- Optional Identity Theft and Legal Protection Services
Company Environment & Perks
- Employee Referral Bonus Eligibility up to $10,000
- Mobility Among Wyetech-supported Contracts
- Various contract and work locations throughout Maryland, Virginia, Colorado, Texas, Utah, Alaska, Hawaii and OCONUS
- Various team-building events throughout the year such as: monthly lunches, summer company picnic, and an annual holiday party.
- Employees receive two complementary branded clothing orders annually.
More jobs at Wyetechllc
- Application Engineer 4 — Linthicum Heights, Maryland
- System Administrator 1 — Bluffdale, UT
- System Administrator 2 — Bluffdale, UT
- System Administrator 3 — Bluffdale, UT