Data Protection Engineer (Trellix)

Who we are. Platinum Technologies is a Northern Virginia based integrated solutions firm that specializes in Cybersecurity, Cloud and Digital Services to the Public Sector. Our team solves hard problems and helps our Mission Partners achieve their goals. If you are self-motivated, possess demonstrated learning agility, and are passionate about delivering high-quality work products – we want to hear from you.   We lead with technical expertise, but that is just the tip of the iceberg – the ‘Why’ matters. At Platinum, we don’t hire people to do a job. We provide professional and leadership development to complement our self-motivated domain experts. Our teammates are dot-connecting leaders that operate in a mutually accountable environment to deliver thought leadership, expert technical analysis, and quality execution for our clients You. Platinum Technologies currently has an opportunity for a Kentro is seeking a specialized Data Protection Engineer (Trellix) to join the SIPR and Top-Secret Network Execution Teams for a major Zero Trust transformation. While other roles focus on cloud-native security, this position is dedicated to securing the "tactical edge" and on-premises endpoints within the Command's classified environments. As the Senior Trellix Engineer, you will be the technical authority for the design, deployment, and management of the Trellix (formerly McAfee) Data Loss Prevention (DLP) suite. You will be responsible for configuring and tuning the Trellix ePolicy Orchestrator (ePO) to enforce rigorous device control and data protection policies on workstations operating in disconnected and air-gapped environments. Your work will directly prevent the unauthorized exfiltration of classified intelligence via USB drives, printing, and clipboard transfer, ensuring that the Command’s most sensitive networks remain secure against insider threats and accidental data loss. We are offering a competitive sign-on bonus and relocation assistance for qualified candidates. Located at MacDill AFB in Tampa, Florida. Candidates must hold an active TS/SCI clearance. Responsibilities ● Trellix DLP Architecture: Lead the design and configuration of Trellix DLP Endpoint policies within the ePolicy Orchestrator (ePO) on SIPR and Top-Secret networks to monitor and block unauthorized data transfer vectors (USB, Web, Print, Clipboard). ● Policy & Rule Tuning: Create and refine complex data classification rules and regex patterns to identify specific USSOCOM sensitive data types, actively tuning policies to reduce false positives and transition from "Audit" to "Block" mode. ● Air-Gapped Operations: Manage the unique lifecycle of the ePO environment on the Top-Secret network, including the manual "sneaker-net" transfer of policy updates, agent patches, and threat intelligence definitions. ● Integration: Configure ICAP integration between Trellix and other security components (such as Kiteworks or Web Proxies) to extend DLP inspection to network traffic and file transfers. ● Incident Triage: Serve as the Tier 3 escalation point for DLP incidents, analyzing blocked actions and working with the SOC/SIEM team to ensure alerts are properly ingested into Splunk. Qualifications ● Minimum Clearance Required to Start: Active Top-Secret clearance with SCI eligibility. Education ● Senior Level: Master of Science (MS) degree in Computer Science, Cybersecurity, Information Technology, or a related field. Required Experience & Skills ("Must-Haves") ● Senior Level: 10+ years of related technical experience. ●Trellix/McAfee Expertise: Extensive (5+ years) hands-on experience architecting and administering Trellix (McAfee) ePolicy Orchestrator (ePO) and Data Loss Prevention (DLP) Endpoint products. ●Device Control: Deep understanding of Device Control policies for managing removable storage, peripheral devices, and printing in a secure environment. ●Regex & Classification: Proficiency in creating custom data identifiers using Regular Expressions (Regex) and dictionaries to detect sensitive information. ●Troubleshooting: Proven ability to troubleshoot complex agent-based issues on Windows endpoints, including conflict resolution with other security software. Preferred Experience & Skills ("Nice-to-Haves") ● Experience working in Air-Gapped or isolated network environments (e.g., JWICS, SAPs). ●Knowledge of Trellix Endpoint Security (ENS) and Threat Intelligence Exchange (TIE/DXL). ●Familiarity with Kiteworks or Boldon James for data classification integration. ●Experience with Splunk for log analysis and dashboarding. Certifications ● Required: CompTIA Security+ CE (or higher) to meet DoD 8570 IAT Level II requirements. ● Preferred: Trellix Certified Specialist - Data Loss Prevention (DLP) or equivalent McAfee certification. The Company is an Equal Opportunity/Affirmative Action employer. All qualified candidates will receive consideration for employment without regard to disability, protected veteran status, race, color, religious creed, national origin, citizenship, marital status, sex, sexual orientation/gender identity, age, or genetic information.