Service Desk Engineer

<p class="p1">At <strong>Ardent</strong>, we hire people who want more than a job — they want to serve a mission that matters. Our teams support the federal government’s most critical national security and defense priorities, helping protect the nation, strengthen resilience, and advance the technologies and capabilities that keep America secure. For veterans, cleared professionals, and purpose-driven innovators, Ardent is a place to continue serving alongside a team that understands the importance of the mission and the people behind it.</p> <p class="p1">We also know top talent has choices, which is why we back our mission with benefits and flexibility that stand out: competitive pay, comprehensive health coverage, flexible PTO, federal holidays off, tuition reimbursement, professional development support, wellness stipends, and a culture that values and rewards hard work, dedication, and adaptability. If you want to build something meaningful, while enjoying the kind of flexibility and support that you need to do your best work — <strong>Ardent</strong> is where your next mission begins.</p> <hr> <p><strong>Ardent</strong> is seeking a Service Desk Engineer to join our team.&nbsp;&nbsp;</p> <p>This is a <strong>onsite position in Washington DC</strong>.</p> <p><strong><u>Position Description:</u></strong></p> <p><strong>Ardent</strong> is seeking a <strong>Service Desk Engineer </strong>to design, implement, and maintain technical controls to reduce the risk of unauthorized initial discovery and lateral movement, malicious credential use and defense evasion, and persistence via machine key and related system-abuse techniques within CBO’s environment. The engineering services will also enable secure endpoint, identity, and device lifecycle operations in support of CBO’s threat detection and mitigation strategy. This scope does not include routine end-user help desk support, but rather engineering tasks to resolve issues arising from complex or escalated tickets.</p> <p><strong><span style="text-decoration: underline;">Responsibilities and Duties:</span></strong></p> <ul> <li style="font-weight: bold;">Design and maintain secure standard workstation images that enable access to the VDI environment for remote users on both macOS and Windows platforms.</li> <li style="font-weight: bold;">Design and maintain secure standard workstation images that enable access to the VDI environment for on-site users on both macOS and Windows platforms.</li> <li style="font-weight: bold;">Engineer and maintain operating system and application patching, version control, and lifecycle management for supported applications, ensuring delivery through approved mechanisms such as a company application store, Microsoft Intune, or Group Policy Objects (GPO) based on user role and access level.</li> <li style="font-weight: bold;">Engineering and maintaining secure baseline configurations for macOS and Windows endpoints to support both on-site and remote access use cases.</li> <li style="font-weight: bold;">Using Ivanti and KACE to manage operating system and application patching, version control, deployment workflows, and remediation of configuration drift.</li> <li style="font-weight: bold;">Leveraging Microsoft Intune to enforce device compliance, configuration profiles, security policies, and conditional access requirements based on user role and device posture.</li> <li style="font-weight: bold;">Design, build, and maintain standardized, division-specific workstation images for macOS and Windows that incorporate approved baseline security controls and required VDI/remote access clients.</li> <li style="font-weight: bold;">Maintain imaging toolchains and automation scripts (Ivanti, KACE, JAMF, or equivalent) used for image creation, testing, and deployment; validate image integrity prior to production release.</li> <li style="font-weight: bold;">Engineer and operate patch management processes using Ivanti (or equivalent) for OS and third-party application patching; coordinate Intune/GPO-based patch orchestration for Windows endpoints.</li> <li style="font-weight: bold;">Implement and maintain enrollment workflows for Intune, Autopilot (Windows), and Apple Business Manager / JAMF for macOS and iOS devices.</li> </ul> <p><span style="text-decoration: underline;"><strong>Requirements:&nbsp;</strong></span></p> <ul> <li style="font-weight: bold;"><strong>This position requires active Top Secret Clearance&nbsp;</strong></li> <li>Bachelor’s degree in Information Technology, Cybersecurity, or a related field (or equivalent experience).</li> <li>Eight (8) years of experience in Information Technology, Endpoint Engineering, or Cybersecurity.</li> <li>Six (6) years of experience performing engineering (not help desk) functions in enterprise environments.</li> <li>Experience working under formal change control, audit, and security governance processes.</li> </ul> <p>Due to the nature of the work we support, all candidates in consideration for this role must be willing to undergo the government issued background investigation process.</p> <hr> <p><strong>Ardent </strong>is an equal opportunity employer. We will not discriminate in employment, recruitment, advertisements for employment, compensation, termination, upgrading, promotions, and other conditions of employment against any employee or job applicant on the bases of race, color, gender, national origin, age, religion, creed, disability, veteran's status, sexual orientation, gender identity, gender expression, or any other basis protected by state, local, or federal law.</p> <p>&nbsp;</p> <p>&nbsp;</p>