Cyber Threat Hunter (TS/SCI Clearance Required)

Cyber Threat Hunter (TS/SCI Clearance Required) Trellix is a global company redefining the future of cybersecurity. The company’s comprehensive, open, and native cybersecurity platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through artificial intelligence, automation, and analytics to empower over 50,000 business and government customers with responsibly architected security. Job Title Trellix Professional Services Security Consultant (Public Sector) Work Location Onsite Fort Belvoir, VA Role Overview Develops and delivers detailed IT solutions through consulting project activities. Responsibilities include client identification through final invoicing for engagements requiring varied interpersonal and technical skills. Technical responsibilities include problem identification, system architecture definition, hardware/software specification and/or design, implementation, testing, client training, and solution deployment. Performance is typically evaluated based on utilization, (i.e., billable hours). Project management activities include interaction with company and client managers and schedule monitoring. May participate in sales and proposal presentations in addition to completing ongoing team account activities. Identifies additional product/services opportunities in customer organization. Performance is typically measured by the capture of the consulting engagement and/or delivery of agreed solutions within budgeted hours. The ideal candidate will have a strong background in threat hunting and cyber defense, with the ability to develop and refine Tactics, Techniques, and Procedures (TTPs) to outpace evolving threats. This position also requires clear documentation and close coordination with cross‑functional teams to enhance security policies, tools, and architecture based on threat insights. About the role This is a Full time onsite role at Fort Belvoir, VA in a classified environment. You will be responsible for developing and delivering detailed IT solutions through consulting project activities from client identification through to final invoicing. Works on complex problems where analysis of situations or data requires an in-depth evaluation of various factors. Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criteria for obtaining results. Work leadership may be provided by assigning work and resolving problems. As a Professional Services consultant, you will be responsible for consulting project activities from project initiation through project completion and final invoicing. A Professional Services consultant is expected to interface with internal and external customers and is expected to develop professional relationships that will enable him to achieve his goals. Among the tasks that a PS consultant will be expected to deliver, are: Manage and perform client work, related to our product service’s offerings. Create end of engagement reports describing engagement findings and analysis work. Help develop and maintain intellectual capital within Solution Services around our product line. Help identify and implement improvements in existing processes and procedures. Maintain technical proficiency through self‑training or formal training. Help identify and develop new clients and expert services engagements. Provide knowledge sharing throughout the Solution Services team. Mentor consultant peers in new techniques, tools and other job skills. Deliver training when required. Possible helping update and/or create training course material. Interaction with company and client managers and cost/schedule monitoring and estimating, proposal generation and invoicing. May participate in sales and proposal presentations in addition to completing ongoing team account activities. About the candidate Understanding of cyber threats, attack vectors, detection capabilities, and associated countermeasures Experience working in a Security Operations Center to monitor security alerts, respond and remediate detected issues is preferred Clear understanding of organizational Incident Management processes in relation to threats and vulnerabilities Knowledge and experience creating detailed Threat Hunting plans, briefings and reports. Analyze configurations for vulnerabilities, recommend mitigations, use network tools to assess risks, and assist in malware removal during incidents. Maintain a deep knowledge of Trellix Endpoint Security, Application Control/Change Control, ENS, TIE, DXL, DLP, HX, IVX. Experience in Windows, Mac, Linux OS and application hardening, including understanding artifacts and behaviors. Experience with one or more scripting languages: Python, PowerShell, Go, C#, other command line scripting or similar is preferred. You may have experience scripting API integrations with response and orchestration tools like SIEM, SOARs and/or XDR platforms Experience with a SIEM tool and working with SIEM Analyst. Experience with event correlation and analysis. Demonstrated technical proficiency in cybersecurity operations, cybersecurity engineering, systems engineering Experience with Virtualization (VMWare, Nutanix, etc.) and Cloud Services [i.e., AWS, Azure] and enterprise networks. Characterize and analyze network traffic to identify anomalous activities or potential threats using packet‑level and protocol analysis tools. Deliver onsite and remote security application/endpoint protection designs, implementations, training, and knowledge transfer for a wide variety of customers. Be able to identify gaps in application and network security architecture and recommend strategies using a combination of industry‑standard security best practices, software controls and other necessary changes to promote a higher level of information security practices. Author formal reports, architecture designs, optimization guides, and best‑practice white papers covering a variety of security topics. Participate in conference calls, onsite meetings and roundtables with customers, sales, internal product development and support to gather data, scope new and existing work, evaluate or suggest new product features and assist in resolving existing product issues. Recognize and generate potential product and consulting services sales leads when appropriate and necessary. Detailed understanding of the TCP and IP protocol suites and ability to dissect and explain the contents of traffic and packets. Experience with configuration of debugging, event generation, and logging functionality within the application and operating systems, using Syslog or flat‑file generation. Required Qualifications 5+ years of Threat Hunting experience or similar Federal Government Enterprise capability Currently hold an adjudicated Secret Clearance and qualify for a TS/SCI clearance BA/BS +4 years recent specialized or AA/AS +6 years recent specialized or a major cert + 8 years recent specialized Active DoD 8570 or DoD 8140 compliant cybersecurity certification Advanced Proficiency in Microsoft Office Suite products (Word, Excel, PowerPoint) Preferred Qualifications Knowledge of DoD IT RMF, USCYBERCOM, IC and JFHQ-DoDIN Microsoft Certified Solutions Associate (MCSA) Windows Server 2016/2019 Microsoft Certified Solutions Associate (MCSA) SQL 2016 Database Admin Proficiency with Microsoft SCCM and/or other automated reporting tools Adaptable to changing circumstances and operational needs Understanding of Department of Defense Military and Federal Government Agency standards Experience with Federal Government and DoD IT security requirements Company Benefits and Perks We believe that the best solutions are developed by teams who embrace each other’s unique experiences, skills, and abilities. We work hard to create a dynamic workforce where we encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family‑friendly benefits to all of our employees. Retirement Plans Medical, Dental and Vision Coverage Paid Time Off Paid Parental Leave Support for Community Involvement We’re serious about our commitment to a workplace where everyone can thrive and contribute to our industry‑leading products and customer support, which is why we prohibit discrimination and harassment based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status. Our Commitment to You At Trellix, we are committed to creating a safe and trustworthy experience for our customers, employees, and candidates. Please be aware that fraudulent recruiting activity can occur through fake job postings or impersonated communications. Trellix conducts interviews through professional channels only and does not use text messages, instant messaging, or group chats for interviews. We will never request sensitive personal information—such as your date of birth, Social Security number, or national ID number—during the interview process. Trellix also does not require candidates to pay fees, purchase products or services, or process payments of any kind as part of the recruiting or hiring process. And Trellix will never keep any original work authorization documents that we may be required to review during the hiring process. #J-18808-Ljbffr Trellix