Lead Information Security Analyst

Remote Full-time
About Trellix

Trellix is a global company redefining the future of cybersecurity. The company’s comprehensive, open, and native cybersecurity platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through artificial intelligence, automation, and analytics to empower over 50,000 business and government customers with responsibly architected security. More at

Role Overview:

The primary responsibility of this role is to ensure that security tools, including Trellix SIEM, Trellix Application Control, Change Control (MACC), Endpoint Security (ENS) for Windows and Linux, ePolicy Orchestrator (ePO) DAT, Endpoint Deployment, Package Management, and Vulnerability Management Tools (Nessus, Burp Suite), are operationally maintained.

About the role:

• Collaborate with Security Analysts and Security Architects to ensure that security is implemented properly and that new network and computing environments comply with NIST 800-53, NIST 800-171, and Trellix technology security standards.
• Compose automated scripts in Terraform, Python or PowerShell and integrate them with AWS CLI, Ansible or Team City to automate security-related tasks.
• Work with a dedicated System Operations team, or with other Trellix teams, to improve security and awareness within the Trellix XDR GovCloud and Trellix Email Security GovCloud authorization boundary of operations.
• Work with other members of the Federal Security Operations Team dedicated to helping ensure that visibility and monitoring capabilities are available for root cause analysis of security-related events and for threat hunting exercises.
• Work to detect, enumerate and resolve system and application code vulnerabilities within the FedRAMP and IL5 boundaries.
• Help with investigations of network and hosts/endpoints for malicious activity, to include analysis of event data, and support efforts to detect, confirm, contain, improve, and recover from attacks; support response to global security incidents, including coordination and leadership during security incidents and malware outbreaks.
• Review network and system logging standards to determine compliance with CIS and STIG security standards and frameworks for onboarding new projects into the FedRAMP authorization boundary.
• Collect and help executive summaries on vulnerability remediation and metrics for product deployments and control gap assessments.
• Contribute to overall Information Security processes, procedures, standards, architecture, and supporting documentation.

About you:

• Bachelor's degree in Computer Science, Information Security and Risk Management, Information Systems, Engineering, or 5 years of equivalent work experience in a Security Operations capacity leveraging NIST 800-53 or Risk Management Framework environments.
• Must be a U.S. citizen and reside on U.S. soil to meet the AWS GovCloud FedRAMP High Impact Level 4/5 Security Clearance requirements.
• Minimum of 3 years of security operations experience, securely hardening and maintaining the security tools identified as the primary responsibilities.
• Able to write automated scripts in Terraform, Python or PowerShell and integrate them with AWS CLI and Team City to automate security-related tasks.
• Any combination of the following: CompTIA Security+, CompTIA CySA+, CompTIA Pen Test+, ISACA CISA Professional Certifications.
• Experience working within an Amazon AWS Cloud Service and Three-Tier-Architecture environment.
• Experience working with security projects associated with the NIST 800-53 (Moderate, High & IL-4/5) Control Frameworks.
• Experience working with security incident response, threat mitigation, and containment practices.
• Experience with administration and management of Windows 2016 and Linux (Amazon Linux v2) operating systems.
• Trellix SIEM, App Control/Change Control, Endpoint Security, Email Security and ePO deployment experience is preferred.
• Experience with near real-time monitoring, alerting, parsing, tuning, optimization, and troubleshooting.

Company Benefits and Perks:

We believe that the best solutions are developed by teams who embrace each other's unique experiences, skills, and abilities. We work hard to create a dynamic workforce where we encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.

• Retirement Plans
• Medical, Dental and Vision Coverage
• Paid Time Off
• Paid Parental Leave
• Support for Community Involvement

We're serious about our commitment to a workplace where everyone can thrive and contribute to our industry-leading products and customer support, which is why we prohibit discrimination and harassment based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.