Senior Security Tools Administrator

The Senior Security Tools Administrator supports enterprise IT and cybersecurity and operations within a large-scale DHS environment. This position is responsible for the administration, maintenance, optimization, reporting, and lifecycle management of enterprise security and monitoring platforms used to support vulnerability management, application security testing, endpoint protection, infrastructure monitoring, compliance reporting, and operational visibility.

The environment includes enterprise security and monitoring tools such as Tenable Vulnerability Management, Invicti, CrowdStrike Falcon, Entuity, ServiceNow, Microsoft Endpoint Configuration Manager, Microsoft Intune, Power BI, and other platforms supporting security operations and enterprise infrastructure management. These tools provide visibility into vulnerabilities, endpoint health, network performance, applications security posture, compliance status, and operational risk across a large hybrid enterprise environment. The environment includes both Windows and Linux-based systems, with particular emphasis on Red Hat Enterprise Linux 8, which supports portions of the enterprise security and monitoring tool infrastructure.

The Senior Security Tools Administrator is expected to take ownership of assigned platforms, maintain tool health, support integrations, troubleshoot complex issues, develop automation, improve reporting accuracy, and coordinate with internal teams, customers, vendors, and technical stakeholders. The role requires a strong security tools background, practical troubleshooting ability, and the ability to translate technical findings into clear operational and executive-level reporting.

The position requires a candidate who can operate independently, manage competing priorities, communicate clearly, document work accurately, and contribute to continuous improvement across enterprise security and monitoring capabilities.

Responsibilities:

Security Tool Administration

• Administer, maintain, and optimize enterprise security platforms including Invicti, Nessus, Tenable Vulnerability Management, CrowdStrike Falcon, Entuity, and related security technologies.
  
• Support vulnerability management operations, including scan configuration, asset visibility, vulnerability analysis, remediation tracking, exception support, and compliance reporting.
  
• Maintain and troubleshoot vulnerability scanning infrastructure, scan schedules, credentials, authentication issues, scanner health, and data quality issues.
  
• Support web application and dynamic application security testing capabilities using Invicti or equivalent application security platforms.
  
• Administer infrastructure monitoring platforms such as Entuity to support network, server, and service availability monitoring.
  
• Administer or troubleshoot security and monitoring tools hosted on or integrated with Linux-based systems.
  
• Monitor tool health, investigate failed scans, incomplete data, sensor issues, agent issues, broken integrations, and reporting discrepancies.
  
• Ensure security and monitoring platforms remain patched, supported, compliant, and aligned with enterprise configuration standards.
  
• Coordinate with vendors and internal technical teams to resolve platform defects, integration issues, and operational outages.
  

Vulnerability Management and Compliance Support

• Analyze vulnerability and compliance data to identify trends, recurring issues, high-risk systems, aging vulnerabilities, and remediation gaps.
  
• Support reporting for vulnerability remediation, operational compliance, endpoint health, and security posture.
  
• Work with technical teams to validate remediation actions and improve vulnerability closure rates.
  
• Assist with customer-facing discussions related to vulnerability management, enterprise monitoring, compliance status, risk reduction, and tool performance.
  
• Support audit, inspection, and readiness activities by providing accurate system status, vulnerability, and compliance data.
  

Reporting, Automation, and Integration

• Develop and maintain reports, dashboards, and recurring data products using Power BI, ServiceNow, Tenable VM, Invicti, Entuity, and other enterprise data sources.
  
• Use PowerShell, APIs, SQL, or other automation methods to improve reporting, data normalization, platform administration, and repeatable operational tasks.
  
• Integrate security tool data with ServiceNow, Power BI, MECM, Intune, and other enterprise platforms where applicable.
  
• Produce routine and ad-hoc reports for technical leads, customers, and management detailing accurate point-in-time system status, compliance posture, vulnerabilities, and operational risks.
  
• Identify opportunities to automate repetitive administrative tasks and improve tool reliability, reporting quality, and operational efficiency.
  

Enterprise Operations Support

• Troubleshoot issues across Windows and Linux servers, workstations, servers, cloud environments, monitoring tools, vulnerability platforms, and endpoint management systems.
  
• Support day-to-day operations involving patching, compliance validation, endpoint security, vulnerability remediation, and monitoring.
  
• Manage and resolve ServiceNow ticket queues; perform trend and root-cause analysis to resolve recurring issues; document all work clearly in ServiceNow.
  
• Participate in customer meetings, technical working groups, vendor discussions, and internal planning sessions.
  
• Lead or contribute to technical discussions and develop required briefing materials to meet customer needs.
  
• Maintain a professional and collaborative work environment supporting team members, customers, stakeholders, and technical specialists.
  
• Provide weekly status updates to team leads.
  

Required Skills/Experience:

• Must be a U.S. Citizen and pass the DHS Employment Eligibility Verification process.
  
• Associates degree in related field or equivalent experience.
  
• 10+ years of experience in IT support, systems administration, cybersecurity operations, security tools administration, or related technical field.
  
• 5+ years of experience supporting enterprise security, vulnerability management, or infrastructure monitoring platforms.
  
• 4 years of active complex PowerShell experience, including scripting for administration, troubleshooting, reporting, or automation.
  
• Experience administering Microsoft Windows Server 2019, 2022, 2025 and Linux server environments.
  
• Strong knowledge of Microsoft Windows 10 and Windows 11 desktop operating systems.
  
• Security, Vulnerability, and Monitoring Platforms.
  
• Experience administering or supporting vulnerability management platforms such as Tenable Vulnerability Management, Tenable.sc, Nessus, Qualys, Rapid7, or equivalent tools.
  
• Experience supporting enterprise monitoring platforms such as Entuity, SolarWinds, LogicMonitor, PRTG, or equivalent tools.
  
• Experience supporting endpoint security or EDR platforms such as CrowdStrike Falcon, Microsoft Defender for Endpoint, Carbon Black, SentinelOne, or equivalent tools.
  
• Analysis and Troubleshooting.
  
• Experience analyzing vulnerability scan results, remediation data, compliance trends, and operational risks.
  
• Experience troubleshooting failed scans, agent issues, credentialed scanning problems, sensor issues, and data quality discrepancies.
  
• Experience using APIs, data exports, or reporting tools to collect, normalize, analyze, or present operational data.
  
• Exposure to reporting using Power BI, SQL, Excel, ServiceNow reporting, or equivalent reporting platforms.
  
• Strong written and verbal communication skills with the ability to clearly explain technical issues to customers, stakeholders, vendors, and technical specialists.
  
• Ability to work independently in a remote environment while managing multiple priorities.
  

Preferred Skills/Experience:

• Direct experience administering Tenable Vulnerability Management.
  
• Direct experience administering Invicti or another dynamic application security testing platform.
  
• Direct experience administering CrowdStrike Falcon.
  
• Direct experience administering Entuity.
  
• Direct experience administering or supporting Red Hat Enterprise Linux in an enterprise environment.
  
• Experience integrating security tools with ServiceNow.
  
• Experience developing Power BI dashboards for vulnerability management, compliance, endpoint health, tool performance, or executive reporting.
  
• Experience with REST APIs, PowerShell automation, JSON, CSV exports, SQL queries, or data normalization workflows.
  
• Experience supporting vulnerability remediation programs in a federal, DHS, DoD, or other large enterprise environment.
  
• Experience with vulnerability prioritization, risk-based remediation, exception tracking, and remediation validation.
  
• Experience supporting enterprise IT operations for 40,000+ endpoints across on-premises and cloud infrastructures.
  
• Experience with Microsoft Endpoint Configuration Manager, Microsoft Intune, or co-management in hybrid environments.
  
• Experience deploying or supporting endpoint agents, sensors, scanners, monitoring probes, or security platform connectors.
  
• Experience with Azure, AWS, or hybrid cloud environments.
  
• Experience with Azure Automation, AWS Systems Manager, PowerShell DSC, Ansible, or similar automation/configuration management tools.
  
• Experience using Windows Event Viewer, Windows Update logs, application logs, IIS logs, and platform-specific logs for troubleshooting.
  
• Experience creating technical documentation, SOPs, recurring reports, briefing materials, and customer-facing status updates.
  
• Experience working in ServiceNow ticketing system.
  

Physical and/or Mental Qualifications:

• Effectively communicate with customers, stakeholders, and technical specialists.
  

EOE, including Disability/Vets.

Reasonable accommodation will be made for qualified individuals with a disability, where such accommodation will not impose an undue hardship during the application process and on the job.