Description
Leidos is seeking an experienced M365 Security and Compliance Administrator to join our Information Technology team. This role requires a seasoned professional who can strategically manage and enhance the security and compliance posture of the M365 environment within a GCC (Government Community Cloud) tenant, particularly in a federal agency context. This senior engineering role sits at the center of the organization’s device, identity, and M365 security ecosystem. The engineer is responsible for protecting enterprise Windows, macOS, iOS/iPadOS endpoints; ensuring compliant, reliable access to M365 services; and driving rapid engineering responses to vulnerabilities, outages, and operational risks. The successful candidate will apply with deep technical expertise, cross-platform engineering capability, and high operational security judgment.
Role Summary: Responsible for securing and maintaining compliance of the Microsoft 365 (M365) ecosystem and enterprise endpoints. Leads security governance, implements and enforces controls across M365, email, identity, devices, and telemetry, and provides incident response and audit/ATO support to ensure alignment with federal and organizational security requirements.
Primary Responsibilities
Strategic security oversight & governance
Lead the development, implementation, and ongoing management of M365 security policies, standards, and technical guardrails aligned to federal requirements and organizational controls.
Own governance for data protection capabilities including document classification, labeling, retention, and Data Loss Prevention (DLP) using Microsoft Purview.
Email security & compliance management (Exchange Online)
Define and enforce email security policies such as encryption, sensitivity labeling, and secure mail flow to reduce unauthorized disclosure.
Implement and maintain email encryption solutions (S/MIME and/or Microsoft Information Protection) to protect confidentiality of email communications.
Administer and monitor anti-spam, anti-phishing, and anti-malware protections to defend against evolving threats.
Identity, access, and conditional access (Entra ID)
Engineer and validate device-compliance–based Conditional Access policies across Windows, macOS, and mobile platforms.
Investigate and remediate Conditional Access failures, identity anomalies, and external/guest access issues, including M365 B2B trust and secure partner collaboration requirements.
Endpoint & device security engineering (Intune)
Design, test, and deploy Intune configuration and compliance policies for Windows, macOS, and iOS/iPadOS, including Enrollment Status Pages (ESPs) and OOBE workflows.
Develop remediation scripts (PowerShell/platform scripts/configuration profiles) to close compliance gaps and enforce security baselines.
Coordinate enterprise rollout of urgent vulnerability mitigations and validated vendor fixes; support vulnerability reviews and baseline rebuilds.
Risk management & compliance assurance (ATO / controls)
Establish and operate a risk management approach to identify, assess, and mitigate security risks across the M365 ecosystem.
Support ATO/control assessment activities by drafting implementation statements, collecting artifacts, and providing evidence aligned to audit/logging requirements.
Security monitoring, SIEM, and telemetry engineering (Defender / Sentinel)
Lead integration and operational management of Microsoft Defender and Microsoft Sentinel for threat detection, alerting, and response across M365.
Build and maintain SIEM integrations/connectors (e.g., M365, collaboration and identity systems) and develop ingestion pipelines (e.g., Azure Function Apps) for third-party logs.
Tune audit retention, analytic rules, and alert logic to improve signal quality and investigation readiness.
Incident response & operational support / collaboration
Provide Tier 3 troubleshooting for device compliance failures, identity/access incidents, telemetry gaps, and OS/app protection issues.
Partner with cross-functional teams to align security solutions with business objectives, deliver technical leadership, and support enterprise syncs and operational reviews.
Continuous improvement & innovation
Stay current on M365 security/compliance updates, industry trends, and emerging capabilities; drive improvements to security posture and operational efficiency (including use of GCC Copilot where appropriate).
Platform Scope / Tooling
Microsoft 365 (GCC), Microsoft Purview (DLP/labels/classification/retention), Exchange Online, Entra ID & Conditional Access, Microsoft Intune, Microsoft Defender, Microsoft Sentinel, Azure (Function Apps / Log Analytics), plus integrations with collaboration/IT systems (e.g., ticketing and SaaS log sources).
“Day in the Life”
Morning
Review Sentinel incidents, Defender telemetry gaps, and compliance drift.
Respond to overnight CAP failures, Slack EMM issues, or OS update regressions.
Join device/enterprise standups.
Midday
Build/test remediation scripts (CVE fixes, NTLM disablement, compliance corrections).
Deploy or test Intune configuration profiles, ESP changes, or app protection updates.
Troubleshoot support cases with Microsoft (Purview DSPM, Copilot logs, Okta connector).
Afternoon
Conduct cross-team investigations (external-user access anomalies, Teams meeting forensics).
Validate CAP behaviors across platforms using test devices.
Work on ATO evidence packages and documentation.
End of Day
Update Jira tasks, Confluence documentation, and CR submissions.
Send status updates on active investigations, mitigations, and test results.
Required Qualifications
Technical Skills
Expert-level Intune engineering across Windows/macOS/iOS/iPadOS.
Advanced PowerShell for remediation, automation, and OS image manipulation.
Deep experience with Microsoft Defender (XDR, Endpoint, Cloud Apps).
Hands-on with Sentinel SIEM, Function Apps, and cross-platform telemetry pipelines.
Strong understanding of CAP architecture and identity risk enforcement.
Experience with ATO control evidence, compliance mapping, and audit support.
Soft Skills
Growth mindset and willingness to learn emerging security domains.
Strong cross-team collaboration (Cyber, Ops, EA, ICAM, Comms).
Excellent communication—clear summaries, user-impact translation, and documentation.
High reliability, ownership, and situational awareness during high-severity events.
Preferred Qualifications
Prior experience in federal security, high-compliance, or high‑assurance environments.
Experience with Jamf, Okta connectors, Copilot audit logging, Graph API operations.
Experience with mSCP baseline engineering and macOS security hardening.
Prior involvement in enterprise-wide Conditional Access enforcement.
If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
About Leidos
Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits.
Securing Your Data
Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at LeidosCareersFraud@leidos.com.
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.
Commitment to Non-Discrimination
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.