End-Point Protection Engineer - 4 with Security Clearance
Not Disclosed•Full-TimeRemote
location_on904, McDaniel Court, Herndon, Fairfax County, Virginia, 20170, United States
About Leidos
Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, the company reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. We outthink, outbuild, and outpace the status quo because the mission demands it. We are not hiring followers; we are recruiting those who disrupt, provoke, and refuse to fail. We are already at step 30—moving faster than anyone else dares.
About the Role
The End-Point Protection Engineer provides senior engineering support for enterprise endpoint security across the SEC ISS contract environment. This role is critical for designing, implementing, and sustaining endpoint protection capabilities for Windows, macOS, and iOS endpoints, including workstation and server environments. The engineer ensures strict adherence to SEC security baselines and federal cybersecurity requirements.
In this position, you will drive operational visibility through automation, documentation, and transparent reporting to SEC stakeholders. You will lead vulnerability remediation, patch and supersedence execution, and POA&M closure activities to maintain a robust security posture and audit readiness. The role serves as a technical escalation point for complex endpoint incidents, coordinating with SOC and incident response stakeholders for broader investigations. You will also provide senior technical guidance to engineering and operations teams on endpoint security architecture and best practices, supporting audit remediation activities such as FISMA, IG, and GAO.
Hiring Process & Application
For U.S. positions, this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date. To apply, please submit your application through the official Leidos careers portal.
Security Notice: Leidos will never ask you to provide payment-related information during any part of the employment application process, nor will we advance money as part of the hiring process. We will only communicate with you through emails generated by the Leidos.com automated system. If you receive an email from a free commercial service (e.g., Gmail, Yahoo) or via WhatsApp/Telegram asking for personal or payment information, it is likely a scam. Please report such incidents to the U.S. Federal Trade Commission and contact local law enforcement.
Equal Opportunity & Culture
Leidos is committed to a diverse and inclusive workforce. All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.
Work location
Work model: Remote
904, McDaniel Court, Herndon, Fairfax County, Virginia, 20170, United States
Herndon, Virginia
Key Responsibilities
- check_circleArchitect and implement enterprise endpoint protection strategies across Windows, macOS, and iOS platforms
- check_circleDefine and enforce endpoint security baselines using Microsoft Defender for Endpoint and Microsoft Intune
- check_circleMonitor endpoint security telemetry and respond to threats, suspicious activity, and policy non-compliance
- check_circleCreate automation scripts and reporting workflows for endpoint compliance and vulnerability status tracking
- check_circleCollaborate with federal stakeholders and vendors to validate endpoint security posture and operational readiness
- check_circleProvide senior technical guidance on endpoint security architecture and support FISMA audit remediation activities
- check_circleLead vulnerability remediation, patch execution, and POA&M closure activities to maintain audit readiness
Requirements
- verifiedMust meet contract citizenship/work authorization requirements
- verifiedAbility to obtain and maintain SEC Public Trust clearance
- verifiedBachelor's degree in Information Technology, Computer Science, or Engineering
- verified8+ years of experience in enterprise endpoint security engineering
- verifiedAdvanced experience with Microsoft Defender for Endpoint and Microsoft Intune
- verifiedExperience with vulnerability management, endpoint patching, and POA&M resolution
- verifiedExperience with automation scripting for reporting and remediation
Nice to Have
Experience supporting federal IT operations under FISMA and NIST-aligned controls. Experience implementing endpoint compliance enforcement at enterprise scale across distributed/remote workforces. Experience integrating endpoint tooling and metrics into enterprise dashboards and executive reporting. Demonstrated success leading cross-team remediation efforts for audit findings and complex security incidents. Prior experience supporting SEC or similarly regulated federal civilian agency environments. Microsoft SC-200 (Security Operations Analyst) certification. Microsoft MD-102 (Endpoint Administrator) certification. CISSP certification.
Benefits & Perks
check_circleHealth and Wellness programscheck_circleIncome Protectioncheck_circlePaid Leavecheck_circleRetirement plans
Similar Job Opportunities
Cloud Security Engineer / Azure and M365 / Hybrid
Motion Recruitment • Valley Township, Pennsylvania
Not Disclosedarrow_forward
AntiVirus Engineer - Senior with Security Clearance
Chick-fil-A Restaurants • Washington, District of Columbia
$108k-195karrow_forward
Cloud Security Senior Consultant - M365
Deloitte • Boise, Idaho
$105k-208karrow_forward
Skills, education and keywords
Skills: Microsoft Defender For Endpoint, Microsoft Intune, Endpoint Vulnerability Assessment, Endpoint Patching, Supersedence Management, Antivirus, Endpoint Threat Triage, Automation Scripting, Fisma, Nist.
Education: Bachelor's in a relevant field (e.g., Information Technology, Computer Science, Engineering) required.
Frequently asked questions about End-Point Protection Engineer - 4 with Security Clearance at Chick-fil-A Restaurants
What does a End-Point Protection Engineer - 4 with Security Clearance at Chick-fil-A Restaurants do?expand_more
A End-Point Protection Engineer - 4 with Security Clearance at Chick-fil-A Restaurants is responsible for the following: Architect and implement enterprise endpoint protection strategies across Windows, macOS, and iOS platforms; Define and enforce endpoint security baselines using Microsoft Defender for Endpoint and Microsoft Intune; Monitor endpoint security telemetry and respond to threats, suspicious activity, and policy non-compliance; and Create automation scripts and reporting workflows for endpoint compliance and vulnerability status tracking.
What are the requirements for this End-Point Protection Engineer - 4 with Security Clearance role?expand_more
To qualify for the End-Point Protection Engineer - 4 with Security Clearance at Chick-fil-A Restaurants position, applicants should have: Must meet contract citizenship/work authorization requirements; Ability to obtain and maintain SEC Public Trust clearance; Bachelor's degree in Information Technology, Computer Science, or Engineering; 8+ years of experience in enterprise endpoint security engineering; Advanced experience with Microsoft Defender for Endpoint and Microsoft Intune; and Experience with vulnerability management, endpoint patching, and POA&M resolution.
Where is the End-Point Protection Engineer - 4 with Security Clearance role at Chick-fil-A Restaurants located?expand_more
End-Point Protection Engineer - 4 with Security Clearance at Chick-fil-A Restaurants is based in 904, McDaniel Court, Herndon, Fairfax County, Virginia, 20170, United States. This is a remote role.
Is this End-Point Protection Engineer - 4 with Security Clearance job remote, hybrid, or on-site?expand_more
Chick-fil-A Restaurants has listed this End-Point Protection Engineer - 4 with Security Clearance role as remote.
How much experience is required for this End-Point Protection Engineer - 4 with Security Clearance role?expand_more
End-Point Protection Engineer - 4 with Security Clearance at Chick-fil-A Restaurants typically requires 8+ years of relevant experience at the senior level.
What skills do you need for the End-Point Protection Engineer - 4 with Security Clearance role at Chick-fil-A Restaurants?expand_more
Key skills for End-Point Protection Engineer - 4 with Security Clearance at Chick-fil-A Restaurants include Microsoft Defender For Endpoint; Microsoft Intune; Endpoint Vulnerability Assessment; Endpoint Patching; Supersedence Management; Antivirus; Endpoint Threat Triage; and Automation Scripting.
What education is required for End-Point Protection Engineer - 4 with Security Clearance at Chick-fil-A Restaurants?expand_more
Educational requirements for this role: Bachelor's in a relevant field (e.g., Information Technology, Computer Science, Engineering) required.
What category does the End-Point Protection Engineer - 4 with Security Clearance role belong to?expand_more
End-Point Protection Engineer - 4 with Security Clearance at Chick-fil-A Restaurants is part of the it job category on Recrutus.