Data Protection Engineer (Trellix), Zero Trust Program (TS/SCI) jobs in United States

Kentro · 1 day ago

Data Protection Engineer (Trellix), Zero Trust Program (TS/SCI)

Kentro is a company dedicated to innovation and collaboration, seeking a specialized Data Protection Engineer (Trellix) to support a major Zero Trust transformation at U.S. Special Operations Command. The role involves leading the design, deployment, and management of the Trellix Data Loss Prevention suite to secure classified environments and prevent unauthorized data exfiltration.

Information Technology & Services
No H1B
Security Clearance Required
U.S. Citizen Only

Responsibilities

Trellix DLP Architecture: Lead the design and configuration of Trellix DLP Endpoint policies within the ePolicy Orchestrator (ePO) on SIPR and Top-Secret networks to monitor and block unauthorized data transfer vectors (USB, Web, Print, Clipboard)
Policy & Rule Tuning: Create and refine complex data classification rules and regex patterns to identify specific USSOCOM sensitive data types, actively tuning policies to reduce false positives and transition from "Audit" to "Block" mode
Air-Gapped Operations: Manage the unique lifecycle of the ePO environment on the Top-Secret network, including the manual "sneaker-net" transfer of policy updates, agent patches, and threat intelligence definitions
Integration: Configure ICAP integration between Trellix and other security components (such as Kiteworks or Web Proxies) to extend DLP inspection to network traffic and file transfers
Incident Triage: Serve as the Tier 3 escalation point for DLP incidents, analyzing blocked actions and working with the SOC/SIEM team to ensure alerts are properly ingested into Splunk

Qualification

Trellix ePolicy Orchestrator
Data Loss Prevention
Device Control policies
Regular Expressions
Troubleshooting Windows endpoints
Air-Gapped environments
CompTIA Security+ CE
Trellix Certified Specialist
Splunk

Required

Master of Science (MS) degree in Computer Science, Cybersecurity, Information Technology, or a related field
10+ years of related technical experience
Extensive (5+ years) hands-on experience architecting and administering Trellix (McAfee) ePolicy Orchestrator (ePO) and Data Loss Prevention (DLP) Endpoint products
Deep understanding of Device Control policies for managing removable storage, peripheral devices, and printing in a secure environment
Proficiency in creating custom data identifiers using Regular Expressions (Regex) and dictionaries to detect sensitive information
Proven ability to troubleshoot complex agent-based issues on Windows endpoints, including conflict resolution with other security software
CompTIA Security+ CE (or higher) to meet DoD 8570 IAT Level II requirements
Active Top-Secret clearance with SCI eligibility

Preferred

Experience working in Air-Gapped or isolated network environments (e.g., JWICS, SAPs)
Knowledge of Trellix Endpoint Security (ENS) and Threat Intelligence Exchange (TIE/DXL)
Familiarity with Kiteworks or Boldon James for data classification integration
Experience with Splunk for log analysis and dashboarding
Trellix Certified Specialist - Data Loss Prevention (DLP) or equivalent McAfee certification

Benefits

Paid time off
Healthcare benefits
Supplemental benefits
401k including an employer match
Discount perks
Rewards
Education reimbursement for certifications, degrees, or professional development

Company

Kentro

IT Concepts has transformed into Kentro - your center for innovation, excellence, and growth.

Funding

Current Stage
Late Stage
Company data provided by crunchbase