Information Systems Security Engineer

CareerCircle
Chantilly, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Part-time (≤ 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 195K

Job location

Chantilly, United States of America

Tech stack

Microsoft Excel
Microsoft Windows
Agile Methodologies
Amazon Web Services (AWS)
Microsoft Antivirus
iOS
Apple Mac Systems
Systems Engineering
Confluence
JIRA
Audit Trail
User Authentication
Azure
Bash
Microsoft Outlook
Command-Line Interface
Software as a Service
Cloud Computing
Cloud Computing Security
Configuration Management
Signals Intelligence
CompTIA Security+
Computer Security
Information Systems
Continuous Integration
Information Leak Prevention
Data Security
Linux
DevOps
Digital Forensics
Email Filtering
Monitoring of Systems
Intrusion Detection and Prevention
Virtual Private Networks (VPN)
Information Systems Security Architecture Professional
JavaScript Libraries
Python
Key Management
Network Security
Log Analysis
Microsoft Office
Multi-Purpose Internet Mail Extensions (MIME)
Routing
NT LAN Manager
Powershell
Scrum
Systems Development Life Cycle
Rapid Prototyping Process
Ansible
Phishing
Security Information and Event Management
Software Engineering
SonarQube
System Software
Systems Integration
Software Vulnerability Management
Data Logging
Network Routing
Scripting (Bash/Python/Go/Ruby)
Google Cloud Platform
Enterprise Software Applications
Computer Network Operations
Okta
Data Ingestion
React
Cyber Threat Analysis
Firewalls (Computer Science)
Infrastructure as Code (IaC)
Cloudformation
Microsoft InTune
Information Technology
Google Cloud Functions
Nessus
Microsoft Sentinel
Casper Suite
Malware Detection
GraphQL
3-tier Architectures
CIS Benchmarks
Terraform
Document Classification
Operating System Security
Oracle Cloud Infrastructure
Splunk
Devsecops
Serverless Computing
Plan of Action and Milestones
Vulnerability Analysis
Programming Languages

Job description

JIRA Jamf Mac OS Tooling Auditing Equities Phishing Telemetry Apple IOS Pipelines Management Automation Governance Encryption Market Data Communication Investigation Microsoft 365 Email Security Azure Sentinel NT LAN Manager Risk Management Law Enforcement Azure Functions Confidentiality Ancient History Slack (Software) Windows Defender Threat Detection Operating Systems Security Policies Incident Response Windows PowerShell Facebook Graph API Security Solutions Business Objectives Information Privacy Operations Security Security Governance Security Engineering Business To Business Technical Leadership Willingness To Learn Data Loss Prevention Atlassian Confluence Anti-Spam Techniques Compliance Assurance Compliance Management Packaging And Labeling Information Technology Operational Efficiency Document Classification Product Family Engineering Office 365 Exchange Online Software As A Service (SaaS) Troubleshooting (Problem Solving) Security Information And Event Management (SIEM) Microsoft Intune (Mobile Device Management Software) Secure/Multipurpose Internet Mail Extensions (S/MIME), Leidos is seeking an experienced M365 Security and Compliance Administrator to join our Information Technology team. This role requires a seasoned professional who can strategically manage and enhance the security and compliance posture of the M365 environment within a GCC (Government Community Cloud) tenant, particularly in a federal agency context. This senior engineering role sits at the center of the organization's device, identity, and M365 security ecosystem. The engineer is responsible for protecting enterprise Windows, macOS, iOS/iPadOS endpoints; ensuring compliant, reliable access to M365 services, and driving rapid engineering responses to vulnerabilities, outages, and operational risks. The successful candidate will apply with deep technical expertise, cross-platform engineering capability, and high operational security judgment.

Role Summary: Responsible for securing and maintaining compliance of the Microsoft 365 (M365) ecosystem and enterprise endpoints. Leads security governance, implements and enforces controls across M365, email, identity, devices, and telemetry, and provides incident response and audit/ATO support to ensure alignment with federal and organizational security requirements.

Primary Responsibilities

Strategic security oversight & governance

  • Lead the development, implementation, and ongoing management of M365 security policies, standards, and technical guardrails aligned to federal requirements and organizational controls.
  • Own governance for data protection capabilities including document classification, labeling, retention, and Data Loss Prevention (DLP) using Microsoft Purview.

Email security & compliance management (Exchange Online)

  • Define and enforce email security policies such as encryption, sensitivity labeling, and secure mail flow to reduce unauthorized disclosure.
  • Implement and maintain email encryption solutions (S/MIME and/or Microsoft Information Protection) to protect confidentiality of email communications.
  • Administer and monitor anti-spam, anti-phishing, and anti-malware protections to defend against evolving threats.

Identity, access, and conditional access (Entra ID)

  • Engineer and validate device-compliance-based Conditional Access policies across Windows, macOS, and mobile platforms.
  • Investigate and remediate Conditional Access failures, identity anomalies, and external/guest access issues, including M365 B2B trust and secure partner collaboration requirements.

Endpoint & device security engineering (Intune)

  • Design, test, and deploy Intune configuration and compliance policies for Windows, macOS, and iOS/iPadOS, including Enrollment Status Pages (ESPs) and OOBE workflows.
  • Develop remediation scripts (PowerShell/platform scripts/configuration profiles) to close compliance gaps and enforce security baselines.
  • Coordinate enterprise rollout of urgent vulnerability mitigations and validated vendor fixes; support vulnerability reviews and baseline rebuilds.

Risk management & compliance assurance (ATO / controls)

  • Establish and operate a risk management approach to identify, assess, and mitigate security risks across the M365 ecosystem.
  • Support ATO/control assessment activities by drafting implementation statements, collecting artifacts, and providing evidence aligned to audit/logging requirements.

Security monitoring, SIEM, and telemetry engineering (Defender / Sentinel)

  • Lead integration and operational management of Microsoft Defender and Microsoft Sentinel for threat detection, alerting, and response across M365.
  • Build and maintain SIEM integrations/connectors (e.g., M365, collaboration and identity systems) and develop ingestion pipelines (e.g., Azure Function Apps) for third-party logs.
  • Tune audit retention, analytic rules, and alert logic to improve signal quality and investigation readiness.

Incident response & operational support / collaboration

  • Provide Tier 3 troubleshooting for device compliance failures, identity/access incidents, telemetry gaps, and OS/app protection issues.
  • Partner with cross-functional teams to align security solutions with business objectives, deliver technical leadership, and support enterprise syncs and operational reviews.

Continuous improvement & innovation

  • Stay current on M365 security/compliance updates, industry trends, and emerging capabilities; drive improvements to security posture and operational efficiency (including use of GCC Copilot where appropriate).

Platform Scope / Tooling Microsoft 365 (GCC), Microsoft Purview (DLP/labels/classification/retention), Exchange Online, Entra ID & Conditional Access, Microsoft Intune, Microsoft Defender, Microsoft Sentinel, Azure (Function Apps / Log Analytics), plus integrations with collaboration/IT systems (e.g., ticketing and SaaS log sources).

Day in the Life"

Morning

  • Review Sentinel incidents, Defender telemetry gaps, and compliance drift.
  • Respond to overnight CAP failures, Slack EMM issues, or OS update regressions.
  • Join device/enterprise standups.

Midday

  • Build/test remediation scripts (CVE fixes, NTLM disablement, compliance corrections).
  • Deploy or test Intune configuration profiles, ESP changes, or app protection updates.
  • Troubleshoot support cases with Microsoft (Purview DSPM, Copilot logs, Okta connector).

Afternoon

  • Conduct cross-team investigations (external-user access anomalies, Teams meeting forensics).
  • Validate CAP behaviors across platforms using test devices.
  • Work on ATO evidence packages and documentation.

End of Day

  • Update Jira tasks, Confluence documentation, and CR submissions.
  • Send status updates on active investigations, mitigations, and test results., Linux DevOps Ansible Firewall NIST 800 Equities Scripting Terraform Automation Subnetwork Market Data NIST 800-37 NIST 800-53 AI Security Open Mindset Communication Routing Table Cloud Security System Software Network Routing Ancient History Network Security Agile Methodology Security Analysis Workflow Management Amazon Web Services Cloud Infrastructure Technological Change Programming Languages Continuous Monitoring Vulnerability Scanning Command-Line Interface Database Administration Security Implementation Bash (Scripting Language) Assessment And Authorization Information Systems Security Scrum (Software Development) Infrastructure as Code (IaC) Security Requirements Analysis Virtual Private Networks (VPN) Systems Development Life Cycle Software Development Life Cycle AWS Certified Cloud Practitioner Troubleshooting (Problem Solving) Certified Information Systems Security Professional Top Secret-Sensitive Compartmented Information (TS/SCI Clearance) +0

Google IT Support Cybersecurity Engineer SME Leidos

Bethesda, MD*On-Site

Linux CI/CD Splunk Nessus Rapid7 Ansible Auditing Firewall Equities Scripting SonarQube DevSecOps Pipelines Operations Automation Purchasing Upskilling Market Data Coordinating Oracle Cloud Cryptography Investigation Cyber Security Key Management Risk Management Authentications Cloud Computing Ancient History Network Security Security Controls Incident Response CompTIA Security+ Digital Forensics System Monitoring Endpoint Security Cyber Engineering Analytical Method Windows PowerShell AWS CloudFormation Systems Engineering Amazon Web Services Time Off Management Security Engineering Software Development Contingency Planning Signals Intelligence Programming Languages Regulatory Frameworks Vulnerability Scanning Security Configuration Cyber Security Policies Configuration Management Vulnerability Management Certified Ethical Hacker Cyber Security Standards Cybersecurity Compliance Risk Management Framework Authorization (Computing) Cyber Threat Intelligence Cyber Security Assessment IT Security Documentation Agile Software Development Splunk Enterprise Security Google Cloud Platform (GCP) Computer Network Operations Change Management Processes Information Systems Security Customer Information Systems React.js (Javascript Library) Python (Programming Language) Enterprise Application Software Endpoint Detection And Response Troubleshooting (Problem Solving) Host Based Security System (HBSS) Intrusion Detection And Prevention CompTIA Cybersecurity Analyst (CySA+) Plan Of Action And Milestones (POA&M) Security Information And Event Management (SIEM) Certified Information Systems Security Professional Top Secret-Sensitive Compartmented Information (TS/SCI Clearance) +0 Information Systems Security Engineer (Part-time) Leidos

Columbia, MD*On-Site

Auditing Equities Operations Purchasing Upskilling Market Data NIST 800-53 Cryptography Self-Starter Key Management Microsoft Excel Ancient History Defense In Depth Microsoft Outlook Rapid Prototyping Analytical Method Systems Engineering GIAC Certifications Enterprise Security Technology Research Time Off Management Security Engineering Software Development CompTIA Security+ CE Signals Intelligence Information Assurance Prototype Development Risk Management Framework Computer Network Operations Information Systems Security GIAC Security Leadership Certification Systems Security Certified Practitioner Top Secret-Sensitive Compartmented Information (TS/SCI Clearance) +0 Login | JoinContact

Requirements

Technical Skills

  • Expert-level Intune engineering across Windows/macOS/iOS/iPadOS.
  • Advanced PowerShell for remediation, automation, and OS image manipulation.
  • Deep experience with Microsoft Defender (XDR, Endpoint, Cloud Apps).
  • Hands-on with Sentinel SIEM, Function Apps, and cross-platform telemetry pipelines.
  • Strong understanding of CAP architecture and identity risk enforcement.
  • Experience with ATO control evidence, compliance mapping, and audit support.

Soft Skills

  • Growth mindset and willingness to learn emerging security domains.
  • Strong cross-team collaboration (Cyber, Ops, EA, ICAM, Comms).
  • Excellent communication-clear summaries, user-impact translation, and documentation.
  • High reliability, ownership, and situational awareness during high-severity events., * Prior experience in federal security, high-compliance, or high-assurance environments.
  • Experience with Jamf, Okta connectors, Copilot audit logging, Graph API operations.
  • Experience with mSCP baseline engineering and macOS security hardening.
  • Prior involvement in enterprise-wide Conditional Access enforcement.

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares.

Benefits & conditions

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits .

About the company

Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com .

Apply for this position