Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Systems Engineer - Microsoft 365 Security & Compliance / Endpoint Security Engineer (GCC)

$107.9k - $195.05k

Koitecc Solutions

Leidos is seeking an experienced M365 Security and Compliance Administrator to join our Information Technology team. This role requires a seasoned professional who can strategically manage and enhance the security and compliance posture of the M365 environment within a GCC (Government Community Cloud) tenant, particularly in a federal agency context. This senior engineering role sits at the center of the organization’s device, identity, and M365 security ecosystem. The engineer is responsible for protecting enterprise Windows, macOS, iOS/iPadOS endpoints; ensuring compliant, reliable access to M365 services, and driving rapid engineering responses to vulnerabilities, outages, and operational risks. The successful candidate will apply with deep technical expertise, cross-platform engineering capability, and high operational security judgment. Role Summary Responsible for securing and maintaining compliance of the Microsoft 365 (M365) ecosystem and enterprise endpoints. Leads security governance, implements and enforces controls across M365, email, identity, devices, and telemetry, and provides incident response and audit/ATO support to ensure alignment with federal and organizational security requirements. Primary Responsibilities Strategic security oversight & governance Lead the development, implementation, and ongoing management of M365 security policies, standards, and technical guardrails aligned to federal requirements and organizational controls. Own governance for data protection capabilities including document classification, labeling, retention, and Data Loss Prevention (DLP) using Microsoft Purview. Email security & compliance management (Exchange Online) Define and enforce email security policies such as encryption, sensitivity labeling, and secure mail flow to reduce unauthorized disclosure. Implement and maintain email encryption solutions (S/MIME and/or Microsoft Information Protection) to protect confidentiality of email communications. Administer and monitor anti-spam, anti-phishing, and anti-malware protections to defend against evolving threats. Identity, access, and conditional access (Entra ID) Engineer and validate device‑compliance‑based Conditional Access policies across Windows, macOS, and mobile platforms. Investigate and remediate Conditional Access failures, identity anomalies, and external/guest access issues, including M365 B2B trust and secure partner collaboration requirements. Endpoint & device security engineering (Intune) Design, test, and deploy Intune configuration and compliance policies for Windows, macOS, and iOS/iPadOS, including Enrollment Status Pages (ESPs) and OOBE workflows. Develop remediation scripts (PowerShell/platform scripts/configuration profiles) to close compliance gaps and enforce security baselines. Coordinate enterprise rollout of urgent vulnerability mitigations and validated vendor fixes; support vulnerability reviews and baseline rebuilds. Risk management & compliance assurance (ATO / controls) Establish and operate a risk management approach to identify, assess, and mitigate security risks across the M365 ecosystem. Support ATO/control assessment activities by drafting implementation statements, collecting artifacts, and providing evidence aligned to audit/logging requirements. Security monitoring, SIEM, and telemetry engineering (Defender / Sentinel) Lead integration and operational management of Microsoft Defender and Microsoft Sentinel for threat detection, alerting, and response across M365. Build and maintain SIEM integrations/connectors (e.g., M365, collaboration and identity systems) and develop ingestion pipelines (e.g., Azure Function Apps) for third‑party logs. Tune audit retention, analytic rules, and alert logic to improve signal quality and investigation readiness. Incident response & operational support / collaboration Provide Tier 3 troubleshooting for device compliance failures, identity/access incidents, telemetry gaps, and OS/app protection issues. Partner with cross‑functional teams to align security solutions with business objectives, deliver technical leadership, and support enterprise syncs and operational reviews. Continuous improvement & innovation Stay current on M365 security/compliance updates, industry trends, and emerging capabilities; drive improvements to security posture and operational efficiency (including use of GCC Copilot where appropriate). Platform Scope / Tooling Microsoft 365 (GCC), Microsoft Purview (DLP/labels/classification/retention), Exchange Online, Entra ID & Conditional Access, Microsoft Intune, Microsoft Defender, Microsoft Sentinel, Azure (Function Apps / Log Analytics), plus integrations with collaboration/IT systems (e.g., ticketing and SaaS log sources). Day in the Life Morning Review Sentinel incidents, Defender telemetry gaps, and compliance drift. Respond to overnight CAP failures, Slack EMM issues, or OS update regressions. Join device/enterprise standups. Midday Build/test remediation scripts (CVE fixes, NTLM disablement, compliance corrections). Deploy or test Intune configuration profiles, ESP changes, or app protection updates. Troubleshoot support cases with Microsoft (Purview DSPM, Copilot logs, Okta connector). Afternoon Conduct cross-team investigations (external-user access anomalies, Teams meeting forensics). Validate CAP behaviors across platforms using test devices. Work on ATO evidence packages and documentation. End of Day Update Jira tasks, Confluence documentation, and CR submissions. Send status updates on active investigations, mitigations, and test results. Required Qualifications Technical Skills Expert‑level Intune engineering across Windows/macOS/iOS/iPadOS. Advanced PowerShell for remediation, automation, and OS image manipulation. Deep experience with Microsoft Defender (XDR, Endpoint, Cloud Apps). Hands‑on with Sentinel SIEM, Function Apps, and cross‑platform telemetry pipelines. Strong understanding of CAP architecture and identity risk enforcement. Experience with ATO control evidence, compliance mapping, and audit support. Soft Skills Growth mindset and willingness to learn emerging security domains. Strong cross-team collaboration (Cyber, Ops, EA, ICAM, Comms). Excellent communication‑clear summaries, user-impact translation, and documentation. High reliability, ownership, and situational awareness during high‑severity events. Preferred Qualifications Prior experience in federal security, high-compliance, or high-assurance environments. Experience with Jamf, Okta connectors, Copilot audit logging, Graph API operations. Experience with mSCP baseline engineering and macOS security hardening. Prior involvement in enterprise‑wide Conditional Access enforcement. Pay Range Pay Range $107,900.00 - $195,050.00 Pay and Benefits Employment benefits include competitive compensation, health and wellness programs, income protection, paid leave and retirement. Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws. #J-18808-Ljbffr Koitecc Solutions

Vacancy posted 2 days ago
Similar jobs that could be interesting for youBased on the Systems Engineer - Microsoft 365 Security & Compliance / Endpoint Security Engineer (GCC) in Washington DC vacancy
  • $140k - $170k

     ...Security & Compliance Engineer Join to apply for the Security & Compliance...  ...advanced hardware systems—from spacecraft and...  ...s network, ensuring endpoint security,...  ...such as AWS GovCloud, Microsoft Azure, Microsoft Government...  ...Community Cloud (GCC). Experience implementing... 
    Microsoft
    Permanent employment
    H1b
    Visa sponsorship
    Work visa

    Nominal

    Washington DC
    2 days ago
  • $131.3k - $237.35k

    Principal Endpoint Security Systems Engineer Leidos has an exciting opportunity for a Principal Endpoint Security Systems Engineer in our Intel Security Sector's Analysis Solutions Business Area . This role involves designing, deploying, maintaining, and upgrading endpoint... 
    Suggested
    Immediate start
    Flexible hours

    Koitecc Solutions

    Bethesda, MD
    22 hours ago
  • $126.1k - $227.95k

    Leidos has a new and exciting opportunity a Principal Endpoint Security Systems Engineer in our National Security Sector's (NSS) Cyber & Analytics Business Area (CABA) . Our talented team is at the forefront in Security Engineering, Computer Network Operations (CNO), Mission... 
    Suggested
    Immediate start
    Flexible hours

    Fairygodboss

    Bethesda, MD
    3 days ago
  • Koitecc Solutions is seeking a seasoned M365 Security and Compliance Administrator to enhance the security posture of the Microsoft 365 environment in a federal agency setting. This role includes duties such as leading security governance, implementing email security policies... 
    Microsoft

    Koitecc Solutions

    Washington DC
    2 days ago
  •  ...Lead Security Engineer Job Description Overview CoStar...  ...improve network and endpoint security...  ...members Experience with Microsoft Security tooling (Defender...  ...associated applications/systems to expediently...  ...is also committed to compliance with all fair employment... 
    Microsoft
    Full time
    Work at office
    Work from home
    Monday to Thursday

    CoStar Realty Information, Inc.

    Arlington, VA
    22 hours ago
  • Leidos has an exciting opportunity for a Principal Endpoint Security Systems Engineer in Bethesda, Maryland. This role involves designing, deploying, and maintaining endpoint security capabilities in a hybrid cloud/on-prem mission environment. The ideal candidate will... 

    Koitecc Solutions

    Bethesda, MD
    22 hours ago
  • $140k - $180k

     ...Prevention (DLP) Security Engineer Location: Remote...  ...of the agency's Microsoft 365 Purview implementation...  ...technologies for endpoint and network data...  ..., and ensuring compliance with federal...  ...across enterprise systems and cloud environments...  ...in M365 GCC High and/or Azure... 
    Microsoft
    Remote job

    S2i2, Inc

    Washington DC
    1 day ago
  •  ...enterprise as a Senior M365 Systems Engineer at GDIT. Here,...  ...efficiency. Collaborate with Cyber Security, Cloud Infrastructure, Enterprise Networks, Legal/Compliance, and Microsoft Teams to ensure secure, reliable...  ...engineering Microsoft 365 systems. Experience: 9+ years... 
    Microsoft
    Work at office
    Work from home
    Flexible hours

    General Dynamics Information Technology

    Falls Church, VA
    3 days ago
  •  ...individual to support Windows, Cloud, Virtualization, and Storage systems, ensuring high-quality and secure solutions. The ideal candidate will have over 10 years in IT, specializing in Active Directory and Microsoft 365 management. Expertise in virtualization and PowerShell... 
    Microsoft
    Remote job

    Computer World Services

    Washington DC
    2 days ago
  •  ...hiring a Senior Cloud Systems Architect in Washington DC to oversee Microsoft platform solutions and ensure strong security and compliance. The candidate will lead...  ...architect for Microsoft 365. The ideal candidate...  ...extensive experience in cloud engineering and strong... 
    Microsoft

    SAAB

    Washington DC
    6 days ago
  • $95k - $150k

     ...The Role As a Systems Engineer in Palantir’s Technical...  ...working with Information Security to harden critical...  ...both commercial and GCC High M365 and Azure environments...  ...Act as Microsoft 365 SME and point of escalation...  ...with Palantir’s Compliance teams to maintain compliance... 
    Microsoft
    Work experience placement
    Work at office
    Remote work
    Work from home
    Relocation package

    Palantir Technologies

    Washington DC
    more than 2 months ago
  • ZERMOUNT POSITION DESCRIPTION (PD) SECURITY & COMPLIANCE ENGINEERING (SCE) POSITION OVERVIEW Zermount Inc. is seeking System Compliance Engineering (SCE) to support system risk...  ...Log analysis platforms such as: Splunk, Microsoft Sentinel, IBM QRadar, etc. Configuration... 
    Microsoft
    Remote work

    Zermount, Inc.

    Arlington, VA
    4 days ago
  • $100k - $110k

     ...Description The Sr. Cloud Security Engineer plays a key role in...  ...environment by enhancing visibility, compliance, and threat detection...  ...scalable, resilient, and secure systems. Note that visa...  ...Proficiency in CSPM tools such as Microsoft Defender for Cloud, Wiz,... 
    Microsoft
    Temporary work
    Local area
    Visa sponsorship
    Work visa
    Flexible hours

    WTW inc.

    Arlington, VA
    1 day ago
  •  ...incorporating device compliance, location, and risk-...  ...the full suite (Endpoint, Office 365, Identity, and Cloud...  ...core components of the Microsoft security and management...  ...Science, or Information Systems. ~ Microsoft Certified...  ...Azure Security Engineer Associate (AZ-500) (... 
    Microsoft
    For contractors
    Work at office

    3B Staffing LLC

    Arlington, VA
    3 days ago
  •  ...Senior IT Security Engineer Location: Hybrid 3 days on DC Interview...  ...granted natively to various Microsoft Built-In Groups to perform Active...  ...a directory synchronization system for Microsoft Active...  ...Provide data for regulatory compliance from Active Directory or support... 
    Microsoft
    Work at office
    Local area

    InterSources

    Washington DC
    22 hours ago
  • $134.6k - $184.5k

     ...This role requires approximately 10-15 years of experience, and expertise in technical architecture, especially with security solutions like Microsoft Defender and CrowdStrike. Candidates must possess strong interpersonal and communication skills, and be capable of handling... 
    Microsoft
    Remote job

    Optiv

    Arlington, VA
    4 days ago
  • $91.3k - $184.9k

     ...Security Architect At Accenture Federal Services...  ...architecture and engineering team in the CISO...  ...modeling across systems, applications, and...  ...knowledge of Microsoft cloud services (e....  ...IaaS/PaaS, Office 365) ~ Strong understanding...  ..., IDS/IPS, endpoint security, etc) ~... 
    Microsoft
    Live in
    Work at office

    Accenture Federal Services

    Arlington, VA
    22 hours ago
  • $200k - $275k

     ...Security Architect King & Spalding is a leading...  ..., particularly Microsoft Azure, along with...  ...operations/engineering to design and develop...  ...strategies. Ensure compliance with industry...  ...including Defender for Endpoint, Defender for...  ...Defender for Office 365. ~ Experience with... 
    Microsoft
    Full time
    Work at office
    Local area
    Worldwide
    Flexible hours

    King & Spalding

    Washington DC
    3 days ago
  • $134.6k - $184.5k

     ...requirements translate into security features and...  ...administration, and maturation of Endpoint Detection and Response...  ...Expertise with Microsoft Defender and Intune (...  ...OSI model), operating system fundamentals (Windows,...  ...regulatory requirements and compliance issues affecting... 
    Microsoft
    Remote job
    Work experience placement
    Local area
    Work from home

    Optiv

    Arlington, VA
    1 day ago
  • $42 - $50 per hour

    Apex Systems is seeking a Senior AntiVirus Engineer to support enterprise anti-virus operations in Washington, D.C. This role involves managing deployment...  ..., and troubleshooting for anti-virus software across endpoints. The ideal candidate will have over 8 years of... 
    Hourly pay

    Apex Systems

    Washington DC
    1 day ago
  • Basecamp Consulting and Solutions LLC is seeking a Systems Engineer in Washington, DC to enhance endpoint security and device management. This role involves designing secure workstation images and supporting identity and device lifecycle engineering. Applicants should have... 
    Remote job
    Work from home
    Flexible hours

    Basecamp Consulting and Solutions

    Washington DC
    1 day ago
  •  ...Senior Security Operations Engineer Job Title: Senior Security Operations...  ..., and maintain Endpoint Detection and...  ...Detection and Prevention Systems (IDS/IPS), network security...  ...security, and compliance monitoring...  ...platforms (e.g., Splunk, Microsoft Sentinel, QRadar, ArcSight... 
    Microsoft

    Tri-Force Consulting Services Inc. | IT Recruitment & Staffi...

    Washington DC
    2 days ago
  • $115k - $150k

     ...global leader in innovative security technology, we help businesses...  ..., and collaboration. From engineering to sales and support, every...  ...matters. The Lead Security Systems Engineer plays a pivotal role...  ...Experience working with Microsoft SQL Server (2005/2008+) and... 
    Microsoft
    Worldwide
    Flexible hours

    3Si Security Systems

    Alexandria, VA
    7 days ago
  • Position Name: Jr. Systems Engineer Reports to: Client Technology Manager...  ...Support / Desktop Support: Microsoft Windows, Microsoft Office, desktop...  ...of primarily Microsoft 365 stack (Exchange Online, SharePoint...  ...or similar product for endpoint threat management Basic... 
    Microsoft
    Work at office

    Atlas Technica LLC

    Washington DC
    1 day ago
  •  ...cyber for 25 years! The Systems Engineer for Mobility serves...  ...the administration, security, lifecycle management...  ...of the Unified Endpoint Management - Mobility...  ...premises Exchange and Microsoft 365 (Exchange Online), while...  ...provisioning tokens, compliance policies, and mobile... 
    Microsoft
    Permanent employment

    Tetrad Digital Integrity LLC

    Washington DC
    3 days ago
  • $120k

    Senior Microsoft Systems Engineer (SCCM/MECM) Washington, DC This role...  ...optimization of enterprise endpoint management solutions...  ...distribution, patch management, compliance enforcement, and endpoint security integration....  ...Assist with Microsoft 365 endpoint management strategy... 
    Microsoft
    Full time
    Work at office
    Work from home
    Home office

    Chenega Agile Real Time Solutions, LLC

    Washington DC
    2 days ago
  •  ...Lead Security Engineer Job Description Overview CoStar Group is...  ...develop and improve network and endpoint security configuration...  ...members Experience with Microsoft Security tooling (Defender,...  ...job associated applications/systems to expediently process work... 
    Microsoft
    Full time
    Work at office
    Work from home
    Monday to Thursday

    CoStar Group

    Arlington, VA
    3 days ago
  •  ...NorthHill Technology Resources has a need for a Systems Security Engineer to support a Federal Program in Washington, DC . This is a direct-hire...  ...on Windows and Linux-based networks. Ensure compliance with DoD policies and DISA guidelines for system and security... 
    Full time

    NorthHill Technology

    Washington DC
    2 days ago
  •  ...technology firm based in Virginia is seeking a Senior Endpoint Engineer to support the Department of Homeland Security in a cloud-based Microsoft Azure setup. This role entails managing Microsoft Intune for endpoint compliance, deploying services via Windows Autopilot, and... 
    Microsoft

    MSM Technology LLC

    Arlington, VA
    4 days ago
  •  ...Sr. Systems Security Engineer OVERVIEW: We are seeking for a Sr. Systems Security Engineer to assist the customer with engineering and administration...  ...document security architecture solutions, aligning with compliance requirements and organizational mission needs. Ensure... 

    Navstar

    Washington DC
    22 hours ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Systems Engineer - Microsoft 365 Security & Compliance / Endpoint Security Engineer (GCC). Be the first to apply!