Cyber Threat Hunter (TS/SCI Clearance Required)

Job Title Trellix Professional Services Security Consultant (Public Sector) Work Location Onsite Fort Belvoir, VA Clearance Required

TS/SCI

Travel Up to 25% required Role Overview This is a full‑time onsite role at Fort Belvoir, VA in a classified environment. The consultant will develop and deliver detailed IT solutions through consulting project activities from project initiation through final invoicing. Responsibilities include consulting project management, client engagement, technical solution design, testing, training, and close coordination with cross‑functional teams to enhance security policies and architecture. Responsibilities Manage and perform client work related to Trellix product and services offerings. Create end‑of‑engagement reports describing findings and analysis. Help develop and maintain intellectual capital within Solution Services. Identify and implement improvements in existing processes and procedures. Maintain technical proficiency through self‑training or formal training. Help identify and develop new client and expert services engagements. Provide knowledge sharing throughout the Solution Services team. Mentor consultant peers in new techniques, tools, and job skills. Deliver training when required and help update or create training course material. Interact with company and client managers, monitor cost/schedule, estimate, generate proposals, and invoice. Participate in sales and proposal presentations in addition to ongoing team account activities. About the Candidate Understanding of cyber threats, attack vectors, detection capabilities, and countermeasures. Experience in a Security Operations Center monitoring alerts, responding to and remediating detected issues. Clear understanding of organizational Incident Management processes related to threats and vulnerabilities. Experience creating detailed Threat Hunting plans, briefings, and reports. Analyze configurations for vulnerabilities, recommend mitigations, use network tools to assess risks, and assist in malware removal during incidents. Deep knowledge of Trellix Endpoint Security, Application Control/Change Control, ENS, TIE, DXL, DLP, HX, IVX. Experience with Windows, Mac, Linux OS and application hardening, understanding artifacts and behaviors. Experience with scripting languages: Python, PowerShell, Go, C#, or similar. Experience scripting API integrations with response and orchestration tools like SIEM, SOARs, and/or XDR platforms. Experience with a SIEM tool and working with SIEM analysts. Experience with event correlation and analysis. Demonstrated technical proficiency in cybersecurity operations, engineering, and systems engineering. Experience with virtualization (VMware, Nutanix, etc.) and cloud services (AWS, Azure) and enterprise networks. Characterize and analyze network traffic to identify anomalies using packet‑level and protocol analysis tools. Deliver onsite and remote security application/endpoint protection designs, implementations, training, and knowledge transfer. Identify gaps in application and network security architecture and recommend strategies using industry‑standard best practices. Author formal reports, architecture designs, optimization guides, and best‑practice white papers on security topics. Participate in conference calls, onsite meetings, and roundtables with customers, sales, and internal product teams. Recognize and generate potential product and consulting services sales leads when appropriate. Detailed understanding of TCP and IP protocol suites and ability to dissect traffic and packets. Experience configuring debugging, event generation, and logging in applications and operating systems using Syslog or flat‑file generation. Required Qualifications 5+ years of Threat Hunting experience or equivalent Federal Government Enterprise capability. Currently hold an adjudicated Secret Clearance and qualify for a TS/SCI clearance. BA/BS with 4+ years recent specialized work or AA/AS with 6+ years recent specialized work, or equivalent certifications with 8+ years recent specialized work. Active DoD 8570 or DoD 8140 compliant cybersecurity certification. Advanced proficiency in Microsoft Office Suite products (Word, Excel, PowerPoint). Preferred Qualifications Knowledge of DoD IT RMF, USCYBERCOM, IC, and JFHQ‑DoDIN. Microsoft Certified Solutions Associate (MCSA) Windows Server 2016/2019. Microsoft Certified Solutions Associate (MCSA) SQL 2016 Database Administration. Proficiency with Microsoft SCCM or other automatic reporting tools. Adaptable to changing circumstances and operational needs. Understanding of Department of Defense Military and Federal Government Agency standards. Experience with Federal Government and DoD IT security requirements. Company Benefits and Perks Retirement Plans. Medical, Dental and Vision Coverage. Paid Time Off. Paid Parental Leave. Support for Community Involvement. #J-18808-Ljbffr Trellix