Senior Security Consultant

Job Title:

Senior Security Consultant

Role Overview:

• The Trellix Security Consultant is responsible for enabling Trellix customers to protect their networks, systems, and data using Trellix technology to combat advanced attackers. As such, you will work directly with customers to implement defensive, highly customized security use cases using Trellix technology and other security products. You will also help customers integrate Trellix products into their security operations processes and assist them in understanding threats identified by their security solution. You will represent the company in customer accounts, continue to advance your security expertise and experience, and work within a team to achieve successful outcomes for Trellix customers.

Responsibilities:

• Work with strategic customer accounts on product related consulting services
• Provide deployment and configuration for the Trellix suite of products, including recommending policy and configuration settings based on customer’s environment and security requirements
• Integrate Trellix products with Trellix and third-party SIEM technologies and other security products in the customer’s security stack
• Create Security Operations Standard Operating Procedures around Trellix products including procedures for incident response, IOC sweeping, forensic analysis, disaster recovery, workflow and process diagrams
• Develop custom reports / dashboards and other custom configurations / use cases that leverage Trellix products and other data sources within the customer’s environment
• Manage and lead projects with direct customer interaction
• Work with strategic customer accounts on product related consulting services
• Support regional sales staff in technical discussions with customers
• Provide information security expertise and guidance appropriate for an enterprise network
• Maintain current knowledge of tools and best-practices in combatting advanced persistent threats; including tools, techniques, and procedures (TTPs) of attackers and tools and processes for forensics and incident response

Requirements:

• At least 2 years of experience configuring, managing, and using one or more Endpoint Detection and Response (EDR) products
• Current knowledge of security threats, solutions, security tools and network technologies
• Experience with SCCM and other agent push and distribution technologies
• Extensive knowledge of Windows internals and tools specific to processes, jobs, memory management, I/O, etc.
• Working knowledge of enterprise security controls in Active Directory / Windows environments
• Working knowledge of Windows and UNIX/Linux endpoint hardening and security control enforcement
• Working knowledge of security operations center processes and technologies including SIEM, case management, etc.
• Working knowledge of security infrastructure and related technologies (proxies, firewalls, email filtering technologies, and network intrusion detection systems)
• Experience with virtualized environments like VMWare or VirtualBox
• Experience with cloud providers such as Microsoft Azure, AWS, and GCP
• Ability to use ticketing systems like ServiceNow and JIRA
• Experience and knowledge of network protocols, packet flow, TCP and UDP traffic
• Experience with various log formats such as JSON, Syslog, CEF, XML, and other industry standard message formats
• Excellent communication and presentation skills, with the ability to present to a variety of internal and external audiences
• Ability to handle multiple projects with limited oversight from project managers
• Ability to build strong client relationships and to interact effectively at all levels of the customer’s organization, including senior executives
• Ability to set and manage expectations with senior stakeholders and team members
• Experience with scripting languages such as PowerShell or Python, highly desired
• Experience with Trellix security products, highly desired
• At least 1 year in a security operations role, investigating and responding to alerts, desired
• Familiarity with at least one query language like SQL, MySQL, SPL, etc., desired

Must be willing to travel up to 35% once travel restrictions are lifted

Company Benefits and Perks:

We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.

• Pension and Retirement Plans
• Medical, Dental and Vision Coverage
• Paid Time Off
• Paid Parental Leave
• Support for Community Involvement

We're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.