Host Based Security System Administrator (TS/SCI)

Mission One: Land The Job. Mission Two: Outdo What's Next. Come #OutsmartOutdo at Leidos!

Leidos is seeking an experienced a TS/SCI cleared Host-Based Security System (HBSS) Administrator to support the management, configuration, and maintenance of endpoint security infrastructure across Department of Defense (DoD) and federal government networks. The ideal candidate brings hands-on experience with McAfee ePolicy Orchestrator (ePO) and the Trellix Security Platform Suite and operates comfortably within a compliance-driven environment governed by DoD standards. The position requires to perform job duties onsite at Langley Air Force base, VA.

Roles and Responsibilities

• Manage, deploy, and maintain HBSS/Trellix endpoint protection technologies across enterprise networks to monitor, detect, and respond to security events.

• Configure and fine-tune HBSS modules including Host Intrusion Prevention System (HIPS), Data Loss Prevention (DLP), and Policy Auditor.

• Implement and maintain DISA Security Technical Implementation Guides (STIGs) to ensure systems remain audit-ready for command inspections and authorization reviews.

• Oversee OS and application patch deployments through McAfee ePO; track vulnerabilities and support Information Assurance (IA) compliance efforts.

• Identify and isolate system anomalies; assist with incident response activities and coordinate with engineering and security operations teams to resolve HBSS point-product issues.

• Monitor server and network health, generate compliance and exception reports, and brief leadership on system status as required.

• Support Authority to Operate (ATO) activities by maintaining accurate system documentation, POA&Ms, and security baselines.

• Coordinate with system owners and the ISSM/ISSO to ensure endpoint policies align with organizational security requirements.

Basic Qualifications

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field with 4-8 years of directly applicable experience. Additional years of relevant experience will be considered in lieu of degree.

• Must have a DoD TS/SCI Clearance.

• Certification: DoD 8570/8140-compliant certification at IAT Level II or higher — CompTIA Security+ CE required at a minimum.

• Work will occur at government facilities in the Hampton Roads area. Travel may be required to CONUS and OCONUS locations

• Experience: 3–5 years of hands-on experience administering HBSS, McAfee ePO, or the Trellix Security Platform Suite in a DoD or federal government environment, including deployment and management in a predominantly Red Hat Enterprise Linux (RHEL) environment.

• Technical Knowledge: Working knowledge of DISA STIGs, NIST SP 800-53, and DoD IA policies and regulations; familiarity with Linux-specific HBSS agent deployment, configuration, and troubleshooting.

• System Administration: Proficiency in Red Hat Enterprise Linux (RHEL) administration — including RPM package management, SELinux policy, systemd services, and security baseline configuration — as well as Windows Server administration and OS patching.

Preferred Qualifications

• Additional certifications such as CISSP, CISA, CEH, or vendor-specific ePO/Trellix training and certification.

• Proficiency in scripting and automation (e.g., Bash, PowerShell, Python)

• Experience with Assured Compliance Assessment Solution (ACAS) / Tenable Nessus for vulnerability scanning and remediation tracking.

• Familiarity with Security Information and Event Management (SIEM) tools and integration with HBSS/Trellix event data.

• Experience supporting RMF Authorization packages, including development of System Security Plans (SSPs) and continuous monitoring activities.

• Red Hat certifications such as RHCSA or RHCE, or equivalent demonstrated Linux administration experience in a security-focused role.

• Knowledge of scripting (Bash, Python, or PowerShell) for automating HBSS agent deployments, compliance checks, or ePO reporting tasks across mixed OS environments.

• Prior experience in a SOC, NOC, or Cyber Defense environment supporting 24/7 operations.

• Familiarity with cloud-based endpoint security management or hybrid on-prem/cloud ePO deployments.

#DINM

DABAOPP1

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

Original Posting:

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.