Endpoint Security Engineer Lead
Company: Leidos
Location: Arlington
Posted on: April 1, 2026
Job Description:
Leidos has an immediate need for a lead Endpoint Security Engineer for a customer on a highly visible and strategic Cybersecurity Task Order. The Security Engineer will need to be a self-starter with excellent analytical and problem-solving skills, flexibility, good judgment, and the ability to coordinate multiple concurrent tasks effectively. This individual will work with internal team members to ensure that systems are functional, secure, and scalable. The Security Engineer will support the design and development of cybersecurity tools and technology, along with the integration of new architectural features into existing infrastructures, while maintaining the integrity and security of enterprise-wide systems and networks.

Primary Responsibilities:
- Technical Leadership: Serve as the primary technical authority for CrowdStrike, guiding the team on best practices and technical standards.
- Deployment and Management: Oversee the deployment and maintenance of CrowdStrike agents to ensure full coverage across all endpoints.
- Incident Response: Lead and participate in the investigation of and response to security incidents detected by CrowdStrike.
- Threat Hunting: Perform threat hunting, conduct malware analysis, and help refine detection logic in collaboration with the SOC.
- Integrations: Integrate the CrowdStrike platform with other security tools, such as SIEM/SOAR platforms, using scripting languages like Python and PowerShell.
- Mentorship: Mentor and guide junior engineers on technical standards, processes, and procedures.
- Strategy and Compliance: Ensure the endpoint security strategy aligns with enterprise goals and that all solutions meet regulatory and compliance standards.
- Automation: Identify and implement opportunities for automation to streamline security operations.
- Documentation: Maintain up-to-date documentation, standard operating procedures (SOPs), and knowledge base articles.
- Manage multiple assignments and changing priorities, and work independently with little oversight.
- Work closely with senior engineers, other team members, and application owners to solve technical problems at the network, system, and application levels.
- Conduct periodic architectural reviews of installed sensors to assess effectiveness and propose optimal installation alternatives as required.
- Deploy the CrowdStrike Falcon Endpoint Detection and Response (EDR) detection agent to up to 4K devices.
- Reduce risk by ensuring malware detection coverage for in-scope CrowdStrike EDR Agent capable devices.
- Optimize the EDR solution, including refinement of the data produced, development of automated workflows or playbooks, and integration of the EDR data with enterprise solutions, including SIEM solutions.
- Configure the CrowdStrike cloud-hosted SaaS solution to manage policies, control reporting data, and manage and respond to threats.
- Experience in backend solutions, day-to-day system administration and monitoring, file system and disk management, and creation of shell scripts for the automation of tasks and the extraction of logs.
- Provide follow-up reports (technical findings, feedback, resolution steps taken) for root cause analysis, engineering technical assessment, and process improvement initiatives.

Basic Qualifications:
- BS degree in Science, Technology, Engineering, or a related field and 12-15 years of prior relevant experience with a focus on cybersecurity, OR a Master's with 10 years of prior relevant experience.
- Experience leading cross-functional security initiatives and managing small teams or projects.
- Extensive, hands-on experience with the CrowdStrike Falcon platform, including multiple modules (e.g., EDR, FIM, Identity Protection, Data Protection).
- Expertise in endpoint security concepts and incident response processes.
- Proficiency in scripting languages like Python, PowerShell, or Bash for automation and custom response actions.
- Strong knowledge of security frameworks like NIST or MITRE ATT&CK.
- Experience with SIEM integrations and threat analysis.
- Solid understanding of operating systems (Windows, Linux, macOS).
- Superior attention to detail with excellent written and verbal communication skills.
- Excellent problem-solving, research, and follow-up skills.
- Self-motivation and the ability to work independently.
- Ability to obtain an Entry of Duty (EOD) Public Trust.
- Candidate must, at a minimum, meet one of these certifications: CrowdStrike certifications (e.g., CCFR, CCFP).

Preferred Qualifications:
- Experience automating management tasks with Ansible, Puppet, or Chef.
- Experience working with SIEM tools such as Splunk to ingest, normalize, store, and maintain data from endpoint, network, and application sourcetypes.
- Experience working in AWS and Azure.
- Experience with Wiz, Sepio, TVM, and Nucleus is a plus.

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

Original Posting: February 5, 2026

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days, with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range: $131,300.00 - $237,350.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.