Principal Endpoint Security Systems Engineer

Description

Leidos has a new and exciting opportunity a Principal Endpoint Security Systems Engineer in our National Security Sector's (NSS) Cyber & Analytics Business Area (CABA). Our talented team is at the forefront in Security Engineering, Computer Network Operations (CNO), Mission Software, Analytical Methods and Modeling, Signals Intelligence (SIGINT), and Cryptographic Key Management. At Leidos, we offer competitive benefits, including Paid Time Off, 11 paid Holidays, 401K with a 6% company match and immediate vesting, Flexible Schedules, Discounted Stock Purchase Plans, Technical Upskilling, Education and Training Support, Parental Paid Leave, and much more. Join us and make a difference in National Security!

Job Description

This effort is seeking an experienced endpoint security systems engineer to join our Cyber Security Engineering team. The focus of this team member will be to design, deploy, maintain, and upgrade endpoint security capabilities, with opportunities for cross training on our other security tools. Working in a hybrid cloud/on-prem mission environment the engineer will support integration of Linux and Windows hosted mission systems with the endpoint security product and maintaining the scan policies to ensure proper protection of mission systems from external threats.

• Maintaining and upgrading the central management consoles (currently Trellix - ePolicy Orchestrator) on multiple isolated networks
• Managing the integration of mission application servers (Linux and Windows) with the management console
• Deploying malware protection software (currently Trellix Endpoint Threat Protection) updates and improved scan exclusion policies to mission application servers
• Responding promptly to mission teams to successfully troubleshoot issues with integration (including cases where excessive real time malware scans are believed to be impeding mission performance)
• Determine methods to automate and improve the performance of the endpoint security suite within a hybrid cloud/on-prem environment
• Integrate endpoint security scan processes for integrated reporting via external tools (such as Splunk or AppDynamics)
• Investigate findings of malware detected on mission application servers

• Experience with tools such as Trellix ePolicy Orchestrator and Trellix Endpoint Threat Protection
• Experience with maintaining systems on Linux and Windows platforms
• Ability to partner with mission application teams to jointly troubleshoot issues with endpoint security integration
• Experience with incident detection, incident response and forensics activities
• Strong attention to detail with analytical mind and outstanding problem-solving skills
• Bachelor's degree with at least 12 or more years relevant experience. Additional years of experience may be substituted in lieu of a degree.
• To be considered must have an active TS/SCI with polygraph security clearance

• Experience with Cisco Secure Endpoint (formerly AMP for Endpoints) or other endpoint security tools
• Experience with Cloud Computing Technologies/Amazon Web Services (AWS)
• Experience integrating endpoint security tool findings with external products such as Splunk or AppDynamics
• Experience with managing endpoint security across on-prem and cloud environment boundaries
• Experience with additional cyber security tools and processes such as Splunk, Rapid7, SolarWinds, Cisco IDS/IPS, VPN, WebInspect, AppDetective