NorthHill Technology Resources has a need for a Trellix Cybersecurity Engineer to support a Federal Program in Chantilly, VA.  This is a direct-hire role with our client, a fast-growing Federal Integrator.  An active TS/SCI Clearance and CI Polygraph is required.
 

Seeking a  Trellix Cybersecurity Engineer with RMF ISSO expertise to architect, implement, and manage a comprehensive Trellix security environment while supporting RMF compliance activities. 

This role requires expertise in deploying / utilizing Trellix , configuring and managing all modules, performing STIG compliance across integrated devices including Microsoft SQL, and ensuring cybersecurity compliance through direct ISSO responsibilities. The candidate will support various infrastructure environments to ensure their security posture meets DoD and IC mission objectives.

 

This is a full-time permanent on-site role in Chantilly, VA. 

 

Primary Responsibilities:

• Install, configure, and manage Trellix ePO and associated modules from initial deployment to operational sustainment.
• Integrate Trellix with Microsoft SQL databases, ensuring optimal performance, availability, and security compliance.
• Develop and implement STIG hardening for all systems associated with Trellix deployment, including endpoints, servers, and databases.
• Configure and manage endpoint security, DLP, threat prevention, and advanced Trellix modules to support CDAO AI/ML mission security requirements.
• Conduct vulnerability assessments and remediate findings to maintain system compliance with DoD and CDAO security standards.
• Develop operational documentation, SOPs, and as-built configurations for sustainment.
• Collaborate with security teams, system administrators, and data engineers to integrate Trellix into AI/ML workflows securely.
• Provide Tier III support and subject matter expertise for all Trellix-related issues and projects.

Additional Duties – RMF ISSO Roles & Responsibilities:

• Serve as Information System Security Officer (ISSO) for assigned systems.
• Support development, implementation, and maintenance of RMF packages, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms).
• Conduct continuous monitoring activities, vulnerability scanning, and security control assessments.
• Coordinate with the Information System Security Manager (ISSM) and Authorizing Official (AO) to maintain system Authorization to Operate (ATO) status.
• Ensure security requirements are integrated into system designs supporting operations.
• Maintain knowledge of evolving DoD, RMF, and CDAO cybersecurity policies to ensure compliance and proactive risk management.

Required Qualifications:

• 8+ years of cybersecurity engineering experience, with significant hands-on expertise in Trellix (McAfee) architecture and administration.
• Bachelor’s Degree in Computer Science, Cybersecurity, or related field.
• Active TS/SCI Clearance required.
• 8570 IAT II compliant certification (e.g., Security+, CCNA Security, CySA+, GICSP, GSEC, SSCP).
• Cloud Security Certification (e.g., AWS Certified Security – Specialty, CCSK, CCSP, Azure Security Engineer Associate) Desired.
• Expert-level knowledge in deploying and managing Trellix ePO, Threat Prevention, DLP, and associated modules in DoD environments.
• Demonstrated experience setting up Trellix from scratch, including policy configuration, system deployment, and integration with Microsoft SQL databases.
• Strong understanding of DoD STIG compliance, vulnerability management, and security hardening for Windows and Linux systems.
• Experience performing RMF ISSO responsibilities within classified environments.
• Strong communication and collaboration skills, with experience working in cross-functional mission-focused teams.
• U.S. Citizenship required due to contract requirements.

Preferred Qualifications:

• Trellix/McAfee Certified Product Specialist or similar vendor certifications.
• Familiarity with SIEM integrations involving Trellix and enterprise logging solutions.
• Experience with STIG compliance automation tools (e.g., SCAP, DISA STIG Viewer).
• Ability to develop security engineering solutions in alignment with RMF, NIST, and DoD cybersecurity frameworks.