Enterprise Endpoint Security Engineer
BOOZ, ALLEN & HAMILTON, INC.
About the Role:
We are seeking a skilled Endpoint Engineer to design, deploy, manage, and enhance our enterprise endpoint data protection controls, focusing on Trellix Endpoint Data Loss Prevention (DLP). You will be the technical lead for Trellix EDR and DLP components, ensuring the proper identification, monitoring, and protection of sensitive data across our organization.
Your expertise will play a vital role in developing a robust data protection strategy, collaborating with security leaders, risk managers, and operational teams to ensure visibility and safety of our data assets.
Key Responsibilities:
- Implement and maintain Trellix Endpoint DLP, overseeing policy automation, agent health, and performance optimization.
- Analyze and operationalize DLP policies, rulesets, and incident workflows to meet data governance needs.
- Integrate the Trellix DLP platform with SIEM, SOAR, CASB, CMDB, and identity security tools to enable comprehensive visibility and automated responses.
- Review DLP telemetry, alerts, and incidents to detect data exfiltration patterns and mitigate risks.
- Collaborate with legal, compliance, and HR teams to establish effective rulesets and exception workflows.
- Develop engineering playbooks, standard operating procedures, and runbooks for effective policy management.
- Ensure endpoint agent health and stability throughout the enterprise, conducting root-cause analysis for various issues.
- Provide guidance on data classification, secure handling, and tagging practices to application and business teams.
- Align DLP implementations with Zero Trust and enterprise data protection strategies.
Qualifications:
- 4+ years in cybersecurity engineering, data protection, or endpoint security.
- Experience with SIEM, SOAR, and identity security integrations and familiarity with the Trellix or McAfee security stack.
- Strong analytical skills and a proven ability to interpret data patterns and policy outcomes.
- Active TS/SCI clearance and willingness to undergo a polygraph exam.
- Relevant educational qualifications: Associate's degree with 5+ years of IT project experience, Bachelor's degree with 3+ years of IT project experience, or Master's degree with 1+ year of IT project experience.
- DoD 8570.01-M IAT Level II Certification (e.g., Security+ CE, CCNA-Security).
- Ability to obtain relevant Cybersecurity Service Provider - Infrastructure Support Certification upon employment.
Preferred Qualifications:
- Understanding of data loss prevention concepts and endpoint security controls.
- Excellent analytical and problem-solving abilities.
Clearance Requirement:
This position requires TS/SCI clearance, and candidates will undergo a security investigation to ensure eligibility for access to classified information.
Compensation:
Booz Allen offers a competitive compensation package including health, life, disability, financial, and retirement benefits, as well as professional development and tuition assistance. The salary for this position ranges from $99,000.00 to $225,000.00 annually, based on various factors such as experience and qualifications.
Identity Verification:
As part of the hiring process, candidates will complete an identity verification process. You will be required to be on camera during interviews.
Work Model:
Your engagement in our people-first culture is essential, and while remote work is available, you may still need to visit Booz Allen or customer facilities occasionally.
Commitment to Diversity:
We are proud to be an equal opportunity employer and welcome applications from individuals regardless of disability, veteran status, or any other protected status.