Job SummaryThis effort is seeking an experienced endpoint security systems engineer to join our Cyber Security Engineering team. The focus of this team member will be to design, deploy, maintain, and upgrade endpoint security capabilities, with opportunities for cross training on our other security tools. Working in a hybrid cloud/on-prem mission environment the engineer will support integration of Linux and Windows hosted mission systems with the endpoint security product and maintaining the scan policies to ensure proper protection of mission systems from external threats.
Primary Responsibilities- Maintaining and upgrading the central management consoles (currently Trellix - ePolicy Orchestrator) on multiple isolated networks
- Managing the integration of mission application servers (Linux and Windows) with the management console
- Deploying malware protection software (currently Trellix Endpoint Threat Protection) updates and improved scan exclusion policies to mission application servers
- Responding promptly to mission teams to successfully troubleshoot issues with integration (including cases where excessive real time malware scans are believed to be impeding mission performance)
- Determine methods to automate and improve the performance of the endpoint security suite within a hybrid cloud/on-prem environment
- Integrate endpoint security scan processes for integrated reporting via external tools (such as Splunk or AppDynamics)
- Investigate findings of malware detected on mission application servers
Basic Qualifications- Experience with tools such as Trellix ePolicy Orchestrator and Trellix Endpoint Threat Protection
- Experience with maintaining systems on Linux and Windows platforms
- Ability to partner with mission application teams to jointly troubleshoot issues with endpoint security integration
- Experience with incident detection, incident response and forensics activities
- Strong attention to detail with analytical mind and outstanding problem-solving skills
- Bachelor's degree with at least 12 or more years relevant experience. Additional years of experience may be substituted in lieu of a degree.
- To be considered must have an active TS/SCI with polygraph security clearance
Preferred Qualifications- Experience with Cisco Secure Endpoint (formerly AMP for Endpoints) or other endpoint security tools
- Experience with Cloud Computing Technologies/Amazon Web Services (AWS)
- Experience integrating endpoint security tool findings with external products such as Splunk or AppDynamics
- Experience with managing endpoint security across on-prem and cloud environment boundaries
- Experience with additional cyber security tools and processes such as Splunk, Rapid7, SolarWinds, Cisco IDS/IPS, VPN, WebInspect, AppDetective
Original Posting:January 21, 2026
Pay Range:Pay Range $131,300.00 - $237,350.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.