McAfee HBSS Endpoint Security Engineer, Senior

The Challenge:

Everyone knows security needs to be “baked in” to a system architecture, but you actually know how to bake it in. You can identify and implement ways to harden systems and reduce their attack surface. What if you could use your cyber engineering skills to design and build secure systems for the Navy? We’re looking for an endpoint security engineer who can help create solutions for the Navy that will stand up to even the most advanced cyber threats.

As a cybersecurity engineer on our project, you’ll work in a lab environment to build, configure, administer, and maintain McAfee Host Based Security Solution (HBSS) and Assured Compliance Assessment Solution (ACAS) in an engineering and development environment. Analyze and tune Host-Based Security System (HBSS) policies for assets during integration test events. Install, configure, and maintain HBSS servers and dependent systems. Perform verification and troubleshooting across all HBSS modules. Install, configure, and maintain the ACAS Security Center (SC) and ACAS scanners. Perform Tier IV troubleshooting, analysis  policy, and perform IPS signature review for Application Providers (AP) and DoD Program of Records (PoR). Install, configure, and maintain multiple HBSS servers and dependent systems. Analyze XML policies for HIPS firewalls, HIPS application whitelisting, including McAfee Solidcore and a national agency’s AWL, HIPS exclusions, DLP exclusions, and VSE exclusions. You’ll be able to gain experience in security a broad range of Navy systems while building peace of mind in a critical infrastructure. Join our team as we improve the Navy’s afloat cybersecurity capabilities.

Empower change with us.

You Have:

-5+ years of experience with network or systems engineering or system administration

-2+ years of experience with endpoint security solutions

-Experience with HBSS ePO server administration and maintenance

-Experience with standard HBSS modules, including McAfee Agent (MA), Host Intrusion Prevention System (HIPS), Data Loss Prevention (DLP), Policy Auditor (PA), VirusScan Enterprise (VSE), Rogue System Detection (RSD), Asset Baseline Monitor (ABM), and Asset Configuration Compliance Module (ACCM)

-Experience with analyzing policies for HIPS firewall, HIPS application whitelisting, HIPS intrusion prevention exclusions, DLP exclusions, and VSE exclusions

-Secret clearance

-HS diploma or GED

-Ability to obtain an IAT level II certification within 30 days of start date

Nice If You Have:

-Experience with HBSS HIPS signature review and verification of signature and exceptions

-Experience with ACAS SC and ACAS Nessus scanner administration and maintenance

-Experience with troubleshooting ACAS SC to ACAS scanner synchronization

-Experience with system administration

-Knowledge of configuring primary operating systems, including Microsoft Windows, UNIX, or Linux

-Knowledge of Navy shipboard networks

-Knowledge of using and applying vulnerability assessment tools, including Nessus, Security Content Automation Protocol (SCAP), Secure Technical Implementation Guides (STIGs), checklists, and Security Requirements Guides (SRG)

-Bachelor's degree

-Completion of a DoD 201 HBSS Administrator Course or DoD 301 HBSS Advanced Administrator Course

-Completion of a DoD 501 HBSS Analyst Course


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

Build Your Career:

Rewarding work, fun challenges, and a ton of investment in our people—that’s Booz Allen Cyber. When you join Booz Allen, we’ll help you develop the career you want.

Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we’ve got plenty of chances for you to show off your skills.

Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.

Cyber University — CyberU has more than 5000 instructor-led and self-paced Cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.

Academic Partnerships — In addition to our tuition reimbursement benefit, we’ve partnered with University of Maryland University College to offer two graduate certificate programs in Cybersecurity—fully funded without a tuition cap.

Maker/Hackerspaces — Race drones, print 3D gadgets, test out your new ideas, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

Not ready to apply? Join our talent community and sign up for job alerts.