MetroStar

Sr. Endpoint Security Engineer I (6701)

MetroStar · Washington, District of Columbia, United States · $138K–$166K/yr

Software Development · 501-1,000 employees

7 h ago
Senior (5-10 yrs) Full-time United States
Log in to apply, save this posting, or score it against your profile with AI.

About the role

Serve as the technical lead for endpoint security and data protection, managing Trellix platforms and supporting SOC analysts. Responsibilities include remediating compliance findings, developing DLP policies, and integrating security telemetry into SIEM/SOAR platforms.

What they look for

Trellix ePO Endpoint Security EDR DLP Encryption Application Whitelisting File Integrity Monitoring SIEM Integration SOAR Integration Root-Cause Analysis TS/SCI Clearance Endpoint Hardening Incident Response Risk Management Security Architecture Automation Scripting

Requirements

Requires an active TS/SCI security clearance and over 5 years of experience engineering Trellix security solutions in large enterprise environments. Candidates must have deep hands-on expertise with ePO, ENS, EDR, and various data protection technologies.

Benefits

Health Insurance Dental Insurance Vision Insurance 401(k) Retirement Plan With Company Match Paid Time Off Holidays Parental Leave Dependent Care Flexible Work Arrangements Professional Development Opportunities Employee Assistance And Wellness Programs Performance-based Bonuses Company-paid Training Certifications Referral Bonuses

Full description

As a Sr. Endpoint Security Engineer (Trellix) I, you’ll serve as the technical lead for the organization's endpoint security and data protection ecosystem, balancing day-to-day operational support with strategic cybersecurity engineering initiatives. You will work closely with security operations, infrastructure, application teams, and leadership to strengthen the organization's overall security posture.

We know that you can’t have great technology services without amazing people. At MetroStar, we are obsessed with our people and have led a two-decade legacy of building the best and brightest teams. Because we know our future relies on our deep understanding and relentless focus on our people, we live by our mission: A passion for our people. Value for our customers.

What you’ll do:

  • Monitoring and managing enterprise Trellix security platforms, including ePO, ENS, EDR, DLP, and encryption technologies.
  • Supporting SOC analysts by tuning alerts, improving detection capabilities, and investigating endpoint security events.
  • Remediating JCIP and compliance findings through application whitelisting, File Integrity Monitoring (FIM), DLP enhancements, and security control implementations; designing and deploying endpoint hardening and application control solutions using Trellix Application and Change Control (Solidcore).
  • Developing and maintaining DLP policies, encryption controls, removable media protections, and data classification safeguards; integrating endpoint security telemetry into SIEM and SOAR platforms to improve visibility, detection, and automated response capabilities.
  • Performing root-cause analysis of security incidents, policy conflicts, and endpoint management issues; developing automation workflows and operational efficiencies using scripts, APIs, and orchestration tools.
  • Creating and maintaining dashboards, reports, and metrics to support cybersecurity operations and executive reporting; collaborating with security assessors and compliance teams to implement and validate technical controls.
  • Documenting security architectures, SOPs, playbooks, and engineering standards; researching emerging threats, evaluating new security capabilities, and recommending improvements to strengthen enterprise cyber defenses.

What you’ll need to succeed:

  • Active TS/SCI security clearance.
  • 5+ years of experience administering and engineering Trellix security solutions in a large enterprise environment.
  • Hands-on experience with Trellix ePolicy Orchestrator (ePO), Endpoint Security (ENS), Endpoint Detection and Response (EDR), Data Loss Prevention (DLP), Drive Encryption (FRP/FRMP), Threat Intelligence Exchange (TIE), Data Exchange Layer (DXL), Policy Auditor, Rogue System Detection, Trellix Security for Microsoft Exchange (TSME), Application and Change Control (Solidcore), and File Integrity Monitoring (FIM).
  • Experience implementing and managing application whitelisting, endpoint hardening, encryption, and data protection technologies; integrating endpoint security platforms with SIEM, SOAR, threat intelligence, and identity management solutions.
  • Strong understanding of endpoint security architecture, cyber threat detection, incident response, and risk management principles; experience developing and maintaining DLP policies, device control mechanisms, and data exfiltration prevention controls.
  • Experience supporting SOCs and enhancing 24x7 threat monitoring and response capabilities; ability to develop security engineering standards, SOPs, playbooks, and operational procedures.
  • Experience supporting compliance initiatives and implementing security controls aligned with federal cybersecurity frameworks and regulations; strong analytical, troubleshooting, and root-cause analysis skills.

SALARY RANGE: $138,000 - $166,000

The salary range for this position is determined based on qualifications, skills, and relevant experience. The final salary offered will be determined based on several factors including:

  • The candidate's professional background and relevant work experience
  • The specific responsibilities of the role and organizational needs
  • Internal equity and alignment with current team compensation
  • This role is also eligible for additional compensation, subject to the terms and policies of MetroStar, which may include:
  • Performance-based bonuses
  • Company-paid training and/or certifications
  • Referral bonuses

To apply for this position, please submit your resume via the form below or through our careers page: https://www.metrostar.com/jobs/

Application Deadline: Applications will be accepted on a rolling basis until the position is filled; candidates are encouraged to apply as early as possible for full consideration.

Additional Compensation: This role may also be eligible for bonuses and/or additional incentives based on individual and company performance.

Benefits: All full-time employees are eligible to participate in our benefits programs:

  • Health, dental, and vision insurance
  • 401(k) retirement plan with company match
  • Paid time off (PTO) and holidays
  • Parental Leave and dependent care
  • Flexible work arrangements
  • Professional development opportunities
  • Employee assistance and wellness programs

Like we said, we are big fans of our people. That’s why we offer a generous benefits package, professional growth, and valuable time to recharge. Learn more about our company culture code and benefits. Plus, check out our accolades.

Commitment to Non-Discrimination All qualified applicants will receive consideration for employment based on merit and without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, status as a protected veteran, or any other status protected by applicable federal, state, local, or international law.

What we want you to know:

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.

Not ready to apply now?

Sign up to join our newsletter here.