2953 Trellix Endpoint Specialist

Trellix Endpoint Software Suite.
- Infrastructure Endpoint Protection environment.
- Iterative approach using sprints.

**Required Security Clearance**: NATO SECRET

**Scope of Work**:
Provide Support for Trellix Endpoint Software Suite, on Site, for NCIA managed networks.

Operations:

- Ensure installation and configuration of Trellix software agents and the approved suite of endpoint protection products, is done in timely manner, as part of the physical or virtual endpoints deployment process.
- Identify the systems with incomplete endpoint protection, or unauthorized (“rogue”) endpoints, engage with the appropriate stakeholders and support the remediation of the deficiencies.
- Maintain an electronic register containing removable devices (RSM), users, timeframes, operational requirements and approvals’ status and relevant documents.
- Support the requests for software installation/update activities by temporary reducing protection levels in the infrastructure endpoint protection configurations.
- Monitor continuously all EPO dashboards, logs and alerts, identify misconfigurations and implement configurations and updates, in coordination with Level 3 support Subject Matter Experts.

Inventory:

- Maintain the CMDB updated with the Configuration Items used by the services/systems.
- Perform all operation, support and maintenance activities on the platforms.

Incident Logging, Tracking, Dispatching:

- Log and track incidents, work orders and change requests using the incident ticketing system (ITSM).
- Investigate and resolve endpoint security related issues, directly assigned by end-users/requesters, or escalated from Level 1 support, within the staff competences and administrator permissions.
- Maintain communication with end-users when needed.
- Ensure all tickets are updated with accurate and detailed information and resolved (or assigned to appropriate stakeholders) within the agreed service levels.

Escalation:

- Escalate complex issues to Level 3 support or appropriate teams when necessary.
- Follow up on escalated issues to ensure timely resolution and user satisfaction.

Knowledge Base Management:

- Contribute to the creation and maintenance of a knowledge base, documenting common issues and solutions.
- Share knowledge and best practices with team members to improve overall service quality.

Performance Monitoring:

- Monitor support metrics and KPIs to ensure high-quality service delivery.
- Participate in regular reviews to identify areas for improvement and implement corrective actions.

Automation and Efficiency:

- Develop and implement automation scripts to streamline routine support tasks such as software installations, updates, system checks and notifications.
- Utilize automation to create workflows for repetitive tasks, improve service efficiency and proactively implement solutions.

Communication and Collaboration:

- Communicate effectively with internal user community to understand their issues and provide clear instructions.
- Collaborate with IT teams to resolve issues and improve service delivery.

The following Trellix software products constitute the Infrastructure Endpoint Protection environment:

- Trellix ePolicy Orchestrator (EPO).
- Trellix Agent.
- Trellix Endpoint Security (ENS).
- Trellix Data Los Prevention - Endpoint, Network, Discover (DLP).
- Trellix Rogue System Detection (RSD).
- Trellix Data Exchange Layer (DXL).
- Trellix Threat Intelligence Exchange (TIE).
- Trellix Application and Change Control (TACC).
- The managed environment contains predominantly Microsoft Windows Server and Linux Operating systems, running on physical and virtual servers.
- The environment contains 22 EPO installations, with a total number of 8000 managed endpoints.

**Skills, Experience, and Knowledge**:
Technical Proficiency:

- The support for this service requires the following technical proficiencies with minimum 3 years experiences in the following domains: Trellix ePolicy Orchestrator (EPO); Trellix Agent; Trellix Endpoint Security (ENS); Trellix Data Loss Prevention - Endpoint, Network, Discover (DLP); Trellix Rogue System Detection (RSD); Trellix Data Exchange Layer (DXL); Trellix Threat Intelligence Exchange (TIE); Trellix Application and Change Control (TACC); Trellix Data Encryption - including Drive Encryption and File and Removable Media Protection (FRP); Windows, Linux operating systems

**Tasks**:

- The support for this service requires expertise in performing the following tasks: Installation, Configuration, Management, Security; Monitoring, Upgrade, Patching

Problem-Solving Skills:

- Strong troubleshooting skills to diagnose and resolve hardware, software, and network issues.
- Ability to guide users through problem-solving steps effectively.

Automation Skills:

- Experience with shell scripting to automate routine support tasks.
- Proficiency in automation to create workflows and automate repetitive processes.
- Ability to identify and implement automation opport