Host Based Security System Administrator (TSSCI)

Mission One: Land The Job. Mission Two: Outdo Whats Next. Come #OutsmartOutdo at Leidos!

Leidos is seeking an experienced a TS/SCI cleared Host-Based Security System (HBSS) Administrator to support the management configuration and maintenance of endpoint security infrastructure across Department of Defense (DoD) and federal government networks. The ideal candidate brings hands-on experience with McAfee ePolicy Orchestrator (ePO) and the Trellix Security Platform Suite and operates comfortably within a compliance-driven environment governed by DoD standards. The position requires to perform job duties onsite at Langley Air Force base VA.

Roles and Responsibilities

• Manage deploy and maintain HBSS/Trellix endpoint protection technologies across enterprise networks to monitor detect and respond to security events.

• Configure and fine-tune HBSS modules including Host Intrusion Prevention System (HIPS) Data Loss Prevention (DLP) and Policy Auditor.

• Implement and maintain DISA Security Technical Implementation Guides (STIGs) to ensure systems remain audit-ready for command inspections and authorization reviews.

• Oversee OS and application patch deployments through McAfee ePO; track vulnerabilities and support Information Assurance (IA) compliance efforts.

• Identify and isolate system anomalies; assist with incident response activities and coordinate with engineering and security operations teams to resolve HBSS point-product issues.

• Monitor server and network health generate compliance and exception reports and brief leadership on system status as required.

• Support Authority to Operate (ATO) activities by maintaining accurate system documentation POA&Ms and security baselines.

• Coordinate with system owners and the ISSM/ISSO to ensure endpoint policies align with organizational security requirements.

Basic Qualifications

• Bachelors degree in Computer Science Cybersecurity Information Technology or a related field with 4-8 years of directly applicable experience. Additional years of relevant experience will be considered in lieu of degree.

• Must have a DoD TS/SCI Clearance.

• Certification: DoD 8570/8140-compliant certification at IAT Level II or higher CompTIA Security CE required at a minimum.

• Work will occur at government facilities in the Hampton Roads area. Travel may be required to CONUS and OCONUS locations

• Experience: 35 years of hands-on experience administering HBSS McAfee ePO or the Trellix Security Platform Suite in a DoD or federal government environment including deployment and management in a predominantly Red Hat Enterprise Linux (RHEL) environment.

• Technical Knowledge: Working knowledge of DISA STIGs NIST SP 800-53 and DoD IA policies and regulations; familiarity with Linux-specific HBSS agent deployment configuration and troubleshooting.

• System Administration: Proficiency in Red Hat Enterprise Linux (RHEL) administration including RPM package management SELinux policy systemd services and security baseline configuration as well as Windows Server administration and OS patching.

Preferred Qualifications

• Additional certifications such as CISSP CISA CEH or vendor-specific ePO/Trellix training and certification.

• Proficiency in scripting and automation (e.g. Bash PowerShell Python)

• Experience with Assured Compliance Assessment Solution (ACAS) / Tenable Nessus for vulnerability scanning and remediation tracking.

• Familiarity with Security Information and Event Management (SIEM) tools and integration with HBSS/Trellix event data.

• Experience supporting RMF Authorization packages including development of System Security Plans (SSPs) and continuous monitoring activities.

• Red Hat certifications such as RHCSA or RHCE or equivalent demonstrated Linux administration experience in a security-focused role.

• Knowledge of scripting (Bash Python or PowerShell) for automating HBSS agent deployments compliance checks or ePO reporting tasks across mixed OS environments.

• Prior experience in a SOC NOC or Cyber Defense environment supporting 24/7 operations.

• Familiarity with cloud-based endpoint security management or hybrid on-prem/cloud ePO deployments.

#DINM

DABAOPP1

If youre looking for comfort keep scrolling. At Leidos we outthink outbuild and outpace the status quo because the mission demands it. Were not hiring followers. Were recruiting the ones who disrupt provoke and refuse to fail. Step 10 is ancient history. Were already at step 30 and moving faster than anyone else dares.

Original Posting:

Pay Range:

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job education experience knowledge skills and abilities as well as internal equity alignment with market data applicable bargaining agreement (if any) or other law.