Deskside Technician (Mid-level)

Empower AI is AI for government. Empower AI gives federal agency leaders the tools to elevate the potential of their workforce with a direct path for meaningful transformation. Headquartered in Reston, Va., Empower AI leverages three decades of experience solving complex challenges in Health, Defense, and Civilian missions. Our proven Empower AI Platform® provides a practical, sustainable path for clients to achieve transformation that is true to who they are, what they do, how they work, with the resources they have. The result is a government workforce that is exponentially more creative and productive. For more information, visit www.Empower.ai.

Empower AI is proud to be recognized as a 2024 Military Friendly Employer by Viqtory, the publisher of G.I. Jobs. This designation reflects the company’s commitment to hiring and supporting active-duty and veteran employees.

Primary Duty – Tier II Systems Analysis, PKI Trusted Agent Authority, and Independent Judgment

The primary duty of this position is the independent application of systems analysis techniques and specialized technical knowledge to: analyze and diagnose Tier II incidents and select appropriate remediation; design and modify workstation imaging and software configurations to user-specific functional specifications; exercise Trusted Agent authority under DoD PKI policy for SIPRNet PKI token issuance; analyze cyber vulnerability data and select remediation approaches; and consult with users to determine functional specifications. Each incident, token request, vulnerability remediation, and configuration decision is a discrete systems-analysis problem applied to a user-specific or system-specific fact pattern. The candidate exercises discretion and independent judgment in diagnosis, in resolution path selection, in PKI Trusted Agent authentication decisions, in vulnerability remediation prioritization, and in configuration design — without continuous direct supervision on individual technical decisions. Technical execution of the resulting decisions is incidental to and performed in furtherance of this primary analytical duty.

• Independently analyzes and diagnoses hardware, software, and connectivity incidents across NIPRNet, SIPRNet, and higher classification networks; determines root cause through systems analysis techniques and selects technically appropriate remediation for each incident based on user-specific and system-specific fact patterns.
• Consults with users to determine functional specifications for hardware, software, peripheral, and authentication configurations; designs configuration approaches that meet user-specific operational requirements while maintaining J6 baseline compliance.
• Designs and modifies workstation imaging configurations based on user-specific functional specifications; determines premium-load and user-unique software configurations for each workstation; exercises specialized judgment in resolving imaging exceptions and configuration conflicts where the standard baseline does not meet operational requirements.
• Serves as a Trusted Agent (TA) under DoD PKI policy with authority to process Joint Staff SIPRNet PKI token requests to the Registration Authority for authentication credential issuance; exercises specialized judgment in validating identity proofing documentation, evaluating request legitimacy, and applying DoD PKI policy to each request affecting classified-network access; coordinates token delivery to end users. The Trusted Agent workload averages approximately 200 token-related requests per month, with each request requiring independent application of DoD PKI policy to a user-specific authentication decision.
• Independently performs CAC and SIPRNet PKI token PIN reset analysis during Core Business Hours at Pentagon, Taylor Building, and Mark Center; provides after-hours analytical support at the Pentagon; exercises specialized judgment in identifying authentication failure root cause and selecting reset approach.
• Independently manages MFA physical security token inventory including 100 YubiKey security tokens; analyzes token assignment requests, consults with users to determine MFA functional specifications, and provides specialized user instruction on Government-approved MFA and 2FA physical security tokens; produces monthly MFA Security Token Inventory analysis for Government leadership.
• Analyzes cyber vulnerability scan output to identify the most vulnerable computers across the endpoint fleet; selects appropriate remediation approaches for each vulnerability based on system-specific risk and operational impact; remediates a minimum of 15 of the most vulnerable computers per network per week, with 95% remediation accuracy reflecting accountability for the analytical work performed; coordinates with J6 Cyber Security teams on complex vulnerability classes; produces the weekly Cyber Vulnerability Remediation Report with analytical findings.
• Designs and executes manual software patching strategies for approximately 150 standalone (non-networked) computers; determines patch sequencing, validation procedures, and rollback contingencies for each standalone system; publishes patching schedule and produces the monthly Standalone Patching Compliance Report with analytical findings on compliance posture.
• Utilizes DameWare remote access tools as one of multiple resolution approaches; independently determines whether electronic distribution, remote configuration modification, or on-site analytical intervention is the appropriate technical approach for each incident.
• Analyzes data preservation requirements when performing operations that risk data loss; designs backup, restore, and verification sequencing for each operation; ensures DAR application verification and compliant device security configurations on all required systems; exercises specialized judgment in DAR exception cases.
• Documents technical decisions, configuration rationale, root-cause analyses, and remediation outcomes in ServiceNow; submits digitally signed DD Form 1150 in DPAS within three business days of service fulfillment; analyzes bench stock equipment requirements and produces the weekly Equipment on Hand Report with anticipated shortfall analysis for Government leadership.
• Identifies recurring technical patterns across Tier II incidents, vulnerability classes, and token-request scenarios; contributes recommendations for SOP improvements, baseline configuration updates, and PKI Trusted Agent procedural refinements to J6 program leadership.

Highlights of Responsibilities

In fulfillment of the primary duty described above, and in performance of PWS Section 6.4 task requirements, the candidate is responsible for:

• Analyzing and diagnosing hardware, software, and connectivity incidents across NIPRNet, SIPRNet, and higher classification networks; determining root cause and selecting technically appropriate remediation for each incident.
• Consulting with users to determine functional specifications for hardware, software, peripheral, and authentication configurations.
• Designing and modifying workstation imaging configurations based on user-specific functional specifications; determining premium-load and user-unique software configurations; resolving imaging exceptions.
• Serving as a Trusted Agent (TA) under DoD PKI policy to process Joint Staff SIPRNet PKI token requests to the Registration Authority for authentication credential issuance; exercising specialized judgment in DoD PKI policy application across approximately 200 token-related requests per month, each requiring an independent authentication decision affecting classified-network access.
• Analyzing CAC and SIPRNet PKI token PIN reset incidents during Core Business Hours at Pentagon, Taylor Building, and Mark Center; providing after-hours analytical support at the Pentagon.
• Managing MFA physical security token inventory including 100 YubiKey security tokens; analyzing token assignment requests; providing specialized user instruction on Government-approved MFA and 2FA physical security tokens; producing monthly MFA Security Token Inventory analysis.
• Analyzing cyber vulnerability scan output and selecting appropriate remediation approaches; remediating a minimum of 15 of the most vulnerable computers per network per week with 95% remediation accuracy; producing the weekly Cyber Vulnerability Remediation Report.
• Designing and executing manual software patching strategies for approximately 150 standalone (non-networked) computers; determining patch sequencing, validation procedures, and rollback contingencies; producing the monthly Standalone Patching Compliance Report.
• Utilizing DameWare remote access tools as one of multiple resolution approaches; determining the appropriate technical approach for each incident.
• Analyzing data preservation requirements; designing backup, restore, and verification sequencing; ensuring DAR application verification and compliant device security configurations.
• Documenting technical decisions, configuration rationale, and analytical findings in ServiceNow; submitting digitally signed DD Form 1150 in DPAS within three business days of service fulfillment; producing the weekly Equipment on Hand Report.
• Identifying recurring technical patterns across Tier II incidents, vulnerability classes, and token-request scenarios; contributing recommendations for SOP improvements, baseline configuration updates, and PKI Trusted Agent procedural refinements to J6 program leadership.

Requirements

• Active Secret security clearance at time of award.
• Demonstrated ability to independently apply systems analysis techniques and specialized technical knowledge to analyze Tier II incidents, design configurations, exercise DoD PKI Trusted Agent authority, and resolve technical issues without continuous direct supervision.
• Ability to exercise discretion and independent judgment in incident diagnosis and resolution path selection, in PKI Trusted Agent authentication decisions under DoD PKI policy, in cyber vulnerability remediation prioritization, in imaging configuration design, and in DAR exception handling.
• Working knowledge of enterprise endpoint computing, workstation imaging and configuration design, DoD PKI policy and Trusted Agent procedures, CAC and SIPRNet PKI token operations, MFA YubiKey programs, cyber vulnerability analysis and remediation, standalone patching design, DameWare remote access, DAR application verification, and DPAS asset accountability.
• Strong analytical and problem-solving skills with a demonstrated record of resolving technically complex incidents through independent systems analysis.
• Strong customer service orientation with demonstrated experience in DoD or other large federal customer environments.
• Ability to effectively prioritize and execute analytical tasks across multiple concurrent incidents and concurrent program responsibilities (Trusted Agent, MFA inventory, vulnerability remediation, standalone patching) in a high-pressure environment.
• Good written, oral, and interpersonal communication skills; ability to present technical decisions and analytical findings in business-friendly and user-friendly language.
• Ability to conduct research into PC and software issues and products as required to support technical decisions.
• Highly self-motivated and directed; capable of operating with minimal supervision on individual technical decisions.
• Keen attention to detail and rigorous documentation standards consistent with DoD compliance requirements.
• Team-oriented and skilled in working within a collaborative environment, including coordination with J6 Cyber Security teams and J6 Account Management.

Education and Experience

• Required Education: Bachelor's degree in Information Technology, Computer Science, Information Systems, or a related technical discipline; or equivalent combination of advanced vendor certification (including vendor certification in the technology being applied) and directly relevant professional experience accepted in lieu of degree.
• Required Experience: 5 or more years of progressively responsible professional experience in enterprise endpoint computing, IT systems analysis, or classified network administration in roles requiring independent judgment and technical decision-making.
• Preferred Experience: Prior experience supporting a DoD or J6 customer environment, including PKI/Trusted Agent operations, classified network experience, or DoD security token program support.
• Required Certifications: ITIL v4 Foundations, CompTIA Security+, HDI Desktop Advanced Support Technician.
• Preferred Certifications: CompTIA A+, Microsoft 365 Certified: Modern Desktop Administrator, Dell TechDirect certification.

Physical Requirements

The essential physical functions below are incidental to the primary analytical duties of this position and are performed in furtherance of the technical responsibilities described herein:

• Ability to sit and stand for extended periods in a professional office environment.
• Ability to ambulate throughout office buildings and supported facilities.
• Ability to stoop, kneel, crouch, or crawl as required to access equipment in confined spaces.
• Ability to repeatedly lift and carry equipment up to 50 pounds.

All hiring and promotion decisions at Empower AI are based on merit to bring the best talent available to contribute to our firm’s overall success. It is the policy of Empower AI not to discriminate against any applicant for employment, or employee because of age, color, sex, disability, national origin, race, religion, or veteran status. Empower AI is a VEVRAA Federal Contractor.