Cyber security hunter

Cyber Threat Hunter (TS/SCI Clearance Required)
Trellix is a global company redefining the future of cybersecurity. The company's comprehensive, open, and native cybersecurity platform helps organizations confronted by today's most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through artificial intelligence, automation, and analytics to empower over 50,000 business and government customers with responsibly architected security. Develops and delivers detailed IT solutions through consulting project activities. Technical responsibilities include problem identification, system architecture definition, hardware/software specification and/or design, implementation, testing, client training, and solution deployment. Performance is typically evaluated based on utilization, (i.e., Project management activities include interaction with company and client managers and schedule monitoring. May participate in sales and proposal presentations in addition to completing ongoing team account activities. Identifies additional product/services opportunities in customer organization. Performance is typically measured by the capture of the consulting engagement and/or delivery of agreed solutions within budgeted hours. The ideal candidate will have a strong background in threat hunting and cyber defense, with the ability to develop and refine Tactics, Techniques, and Procedures (TTPs) to outpace evolving threats. This position also requires clear documentation and close coordination with cross-functional teams to enhance security policies, tools, and architecture based on threat insights.
Up to 25% Travel Required
Trellix is a global company redefining the future of cybersecurity. The company's open and native extended detection and response (XDR) platform helps organizations confronted by today's most advanced threats gain confidence in the protection and resilience of their operations. Trellix's security experts, along with an extensive partner ecosystem, accelerate technology innovation through machine learning and automation to empower over 40,000 business and government customers. This is a Full time onsite role at Fort Belvoir, VA in a classified environment. You will be responsible for developing and delivering detailed IT solutions through consulting project activities from client identification through to final invoicing. Works on complex problems where analysis of situations or data requires an in-depth evaluation of various factors. Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criteria for obtaining results. As a Professional Services consultant, you will be responsible for consulting project activities from project initiation through project completion and final invoicing. A Professional Services consultant is expected to interface with internal and external customers and is expected to develop professional relationships that will enable him to achieve his goals.
Create end of engagement reports describing engagement findings and analysis work.
Help develop and maintain intellectual capital within Solution Services around our product line.
Help identify and implement improvements in existing processes and procedures.
Maintain technical proficiency through self-training or formal training.
Help identify and develop new clients and expert services engagements.
Deliver training when required.
Possible helping update and/or create training course material.
Interaction with company and client managers and cost/schedule monitoring and estimating, proposal generation and invoicing.
May participate in sales and proposal presentations in addition to completing ongoing team account activities.
Understanding of cyber threats, attack vectors, detection capabilities, and associated countermeasures
Experience working in a Security Operations Center to monitor security alerts, respond and remediate detected issues is preferred
Analyze configurations for vulnerabilities, recommend mitigations, use network tools to assess risks, and assist in malware removal during incidents.
Maintain a deep knowledge of Trellix Endpoint Security, Application Control/Change Control, ENS, TIE, DXL, DLP, HX, IVX.
Experience in Windows, Mac, Linux OS and application hardening, including understanding artifacts and behaviors.
Experience with one or more scripting languages: Python, PowerShell, Go, C#, other command line scripting or similar is preferred.
You may have experience scripting API integrations with response and orchestration tools like SIEM, SOARs and/or XDR platforms
Experience with event correlation and analysis.
Demonstrated technical proficiency in cybersecurity operations, cybersecurity engineering, systems engineering
Experience with Virtualization (VMWare, Nutanix, etc.) and Cloud Services [i.e., AWS, Azure]) and enterprise networks.
Characterize and analyze network traffic to identify anomalous activities or potential threats using packet-level and protocol analysis tools.
Deliver onsite and remote security application/endpoint protection designs, implementations, training, and knowledge transfer for a wide variety of customers.
Be able to identify gaps in application and network security architecture and recommend strategies using a combination of industry-standard security best practices, software controls and other necessary changes to promote a higher level of information security practices.
Participate in conference calls, onsite meetings and roundtables with customers, sales, internal product development and support to gather data, scope new and existing work, evaluate or suggest new product features and assist in resolving existing product issues.
Detailed understanding of the TCP and IP protocol suites and ability to dissect and explain the contents of traffic and packets.
Experience with configuration of debugging, event generation, and logging functionality within the application and operating systems, using Syslog or flat-file generation.
Currently hold an adjudicated Secret Clearance and qualify for a TS/SCI clearance
~ Advanced Proficiency in Microsoft Office Suite products (Word, Excel, PowerPoint)

Microsoft Certified Solutions Associate (MCSA) Widows Server 2016/2019
Microsoft Certified Solutions Associate (MCSA) SQL 2016 Database Admin
Proficiency with Microsoft SCCM and/or other automatic reporting tools
We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.
Retirement Plans
Medical, Dental and Vision Coverage
Support for Community Involvement
We're serious about our commitment to a workplace where everyone can thrive and contribute to our industry-leading products and customer support, which is why we prohibit discrimination and harassment based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.
At Trellix, we are committed to creating a safe and trustworthy experience for our customers, employees, and candidates. Trellix conducts interviews through professional channels only and does not use text messages, instant messaging, or group chats for interviews. We will never request sensitive personal information-such as your date of birth, Social Security number, or national ID number-during the interview process.
And Trellix will never keep any original work authorization documents that we may be required to review during the hiring process.