Job Requirements
Remote
Public Trust Polygraph Unspecified
Career Level not specified
$87,100 - $157,450
Job Description
R-00183914
Description
The End-Point Protection Engineer-_4 provides senior engineering support for enterprise endpoint security across the SEC ISS contract environment. This role designs, implements, and sustains endpoint protection capabilities for Windows, macOS, and iOS endpoints, including workstation and server environments, while enforcing SEC security baselines and federal cybersecurity requirements. The engineer leads vulnerability remediation, patch and supersedence execution, and POA&M closure activities to maintain security posture and audit readiness. The position also drives operational visibility through automation, documentation, and transparent reporting to SEC stakeholders.
Primary Responsibilities
Endpoint Security Engineering & Baseline Management
- Architect, implement, and maintain enterprise endpoint protection strategies across Windows, macOS, iOS, workstation, and server platforms.
- Define, enforce, and continuously improve endpoint security baselines using Microsoft Defender for Endpoint and Microsoft Intune.
- Lead deployment and configuration of antivirus and endpoint protection tooling, including policy tuning, signature/DAT update management, and scheduled scans.
- Validate new endpoint security configurations in controlled environments before production rollout.
Vulnerability, Patching & POA&M Execution
- Own endpoint patching strategy and execution across managed endpoint environments, including supersedence management.
- Monitor vulnerability findings, assess risk and severity, and coordinate remediation with technical teams and system owners.
- Lead development, tracking, and closure of endpoint POA&Ms with clear milestones and risk-based prioritization.
- Ensure remediation and patch activities support ongoing compliance objectives and audit readiness.
Threat Monitoring, Incident Response & Reporting
- Monitor endpoint security telemetry and respond to endpoint-specific threats, suspicious activity, and policy non-compliance.
- Serve as an escalation point for complex endpoint incidents and coordinate with SOC and incident response stakeholders for broader investigations.
- Create and maintain automation scripts and reporting workflows for endpoint compliance, vulnerability status, and remediation tracking.
- Maintain accurate SOPs, runbooks, and status reporting to support governance, audit response, and service transparency.
Stakeholder Coordination & Technical Leadership
- Collaborate with federal stakeholders, ISS teams, and partner vendors to validate endpoint security posture and operational readiness.
- Provide senior technical guidance to engineering and operations teams on endpoint security architecture and best practices.
- Support audit remediation activities (e.g., FISMA, IG, GAO) by preparing evidence and tracking corrective actions.
- Drive continuous improvement initiatives that increase automation, resilience, and efficiency of endpoint security operations.
Required Qualifications
Citizenship/Work Authorization: Must meet contract requirements.
Clearance: Ability to obtain and maintain SEC Public Trust (or higher if required).
Education: Bachelors in a relevant field (e.g., Information Technology, Computer Science, Engineering).
Experience:
- 8+ years of experience in enterprise endpoint security engineering in large, regulated environments.
- Advanced experience designing, implementing, and managing Microsoft Defender for Endpoint and Intune security baselines.
- Hands-on experience in vulnerability management, endpoint patching strategies, supersedence processes, and POA&M resolution.
- Experience documenting SOPs/runbooks and providing compliance-focused reporting to federal stakeholders.
Technical Skills:
- Microsoft Defender for Endpoint
- Microsoft Intune endpoint and mobile device security baseline management
- Endpoint vulnerability assessment, remediation coordination, and POA&M tracking
- Enterprise endpoint patching and supersedence management
- Antivirus/endpoint protection deployment, signature/DAT update operations, and scheduled scan management
- Endpoint threat triage, escalation, and response coordination
- Automation scripting for reporting and remediation
- Process documentation, status reporting, and compliance evidence support
Preferred Qualifications
- Experience supporting federal IT operations under FISMA and NIST-aligned controls.
- Experience implementing endpoint compliance enforcement at enterprise scale across distributed/remote workforces.
- Experience integrating endpoint tooling and metrics into enterprise dashboards and executive reporting.
- Demonstrated success leading cross-team remediation efforts for audit findings and complex security incidents.
- Prior experience supporting SEC or similarly regulated federal civilian agency environments.
- Microsoft SC-200 (Security Operations Analyst)
- Microsoft MD-102 (Endpoint Administrator)
- CISSP
WORK ENVIRONMENT / OTHER
Operational Support: May require participation in on-call or surge support activities depending on operational needs.
Location: Telework
Travel: As required per contract direction.
If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.
Original Posting: June 1, 2026
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range: Pay Range $87,100.00 - $157,450.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
About Leidos
Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com .
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits .
Securing Your Data
Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at LeidosCareersFraud@leidos.com .
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission .
Commitment to Non-Discrimination
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.
#Remote
Description
The End-Point Protection Engineer-_4 provides senior engineering support for enterprise endpoint security across the SEC ISS contract environment. This role designs, implements, and sustains endpoint protection capabilities for Windows, macOS, and iOS endpoints, including workstation and server environments, while enforcing SEC security baselines and federal cybersecurity requirements. The engineer leads vulnerability remediation, patch and supersedence execution, and POA&M closure activities to maintain security posture and audit readiness. The position also drives operational visibility through automation, documentation, and transparent reporting to SEC stakeholders.
Primary Responsibilities
Endpoint Security Engineering & Baseline Management
- Architect, implement, and maintain enterprise endpoint protection strategies across Windows, macOS, iOS, workstation, and server platforms.
- Define, enforce, and continuously improve endpoint security baselines using Microsoft Defender for Endpoint and Microsoft Intune.
- Lead deployment and configuration of antivirus and endpoint protection tooling, including policy tuning, signature/DAT update management, and scheduled scans.
- Validate new endpoint security configurations in controlled environments before production rollout.
Vulnerability, Patching & POA&M Execution
- Own endpoint patching strategy and execution across managed endpoint environments, including supersedence management.
- Monitor vulnerability findings, assess risk and severity, and coordinate remediation with technical teams and system owners.
- Lead development, tracking, and closure of endpoint POA&Ms with clear milestones and risk-based prioritization.
- Ensure remediation and patch activities support ongoing compliance objectives and audit readiness.
Threat Monitoring, Incident Response & Reporting
- Monitor endpoint security telemetry and respond to endpoint-specific threats, suspicious activity, and policy non-compliance.
- Serve as an escalation point for complex endpoint incidents and coordinate with SOC and incident response stakeholders for broader investigations.
- Create and maintain automation scripts and reporting workflows for endpoint compliance, vulnerability status, and remediation tracking.
- Maintain accurate SOPs, runbooks, and status reporting to support governance, audit response, and service transparency.
Stakeholder Coordination & Technical Leadership
- Collaborate with federal stakeholders, ISS teams, and partner vendors to validate endpoint security posture and operational readiness.
- Provide senior technical guidance to engineering and operations teams on endpoint security architecture and best practices.
- Support audit remediation activities (e.g., FISMA, IG, GAO) by preparing evidence and tracking corrective actions.
- Drive continuous improvement initiatives that increase automation, resilience, and efficiency of endpoint security operations.
Required Qualifications
Citizenship/Work Authorization: Must meet contract requirements.
Clearance: Ability to obtain and maintain SEC Public Trust (or higher if required).
Education: Bachelors in a relevant field (e.g., Information Technology, Computer Science, Engineering).
Experience:
- 8+ years of experience in enterprise endpoint security engineering in large, regulated environments.
- Advanced experience designing, implementing, and managing Microsoft Defender for Endpoint and Intune security baselines.
- Hands-on experience in vulnerability management, endpoint patching strategies, supersedence processes, and POA&M resolution.
- Experience documenting SOPs/runbooks and providing compliance-focused reporting to federal stakeholders.
Technical Skills:
- Microsoft Defender for Endpoint
- Microsoft Intune endpoint and mobile device security baseline management
- Endpoint vulnerability assessment, remediation coordination, and POA&M tracking
- Enterprise endpoint patching and supersedence management
- Antivirus/endpoint protection deployment, signature/DAT update operations, and scheduled scan management
- Endpoint threat triage, escalation, and response coordination
- Automation scripting for reporting and remediation
- Process documentation, status reporting, and compliance evidence support
Preferred Qualifications
- Experience supporting federal IT operations under FISMA and NIST-aligned controls.
- Experience implementing endpoint compliance enforcement at enterprise scale across distributed/remote workforces.
- Experience integrating endpoint tooling and metrics into enterprise dashboards and executive reporting.
- Demonstrated success leading cross-team remediation efforts for audit findings and complex security incidents.
- Prior experience supporting SEC or similarly regulated federal civilian agency environments.
- Microsoft SC-200 (Security Operations Analyst)
- Microsoft MD-102 (Endpoint Administrator)
- CISSP
WORK ENVIRONMENT / OTHER
Operational Support: May require participation in on-call or surge support activities depending on operational needs.
Location: Telework
Travel: As required per contract direction.
If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.
Original Posting: June 1, 2026
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range: Pay Range $87,100.00 - $157,450.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
About Leidos
Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com .
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits .
Securing Your Data
Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at LeidosCareersFraud@leidos.com .
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission .
Commitment to Non-Discrimination
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.
#Remote
group id: SCNCAPI2
Introducing the Next Level of Leidos
