Security Operations Center (SOC) Trend Micro Engineer III

Less than 5 years experience  •  Business Services

Salary depends on experience
Posted on 02/22/18
Fort Mill, SC

Responsibilities

  • Resolve agent related (client side) incidents and problems
  • Monitor Virus management tool dashboard each business day for threat trends and overall environment status
  • Establish threshold alerts to notify the appropriate stakeholders of unauthorized activity
  • Perform weekly audits of the environment to detect non-compliant systems
  • Generate incidents and escalate to the appropriate group for remediation for non-compliant systems that cannot be resolved via console
  • Validate customer security software is installed on active managed workstations
  • Submit new malicious material to Trend Micro for support
  • Define and maintain security policies, intrusion prevention policies and define update policy and settings for managed workstations
  • Configure update servers within the customer environment as needed to reduce network traffic caused by definition updates
  • Review SQL logs and client communication logs
  • Perform routine maintenance of SQL server database for anti-virus application to prevent performance issues related to SQL Server
  • Monitor definition updates, client software operation, IPS and firewall events, and track risk events identified via the Control Manager for both PC and server workstations.
  • Resolve service requests and incidents for excluding workstations from DLP policies and adding or removing authorized DLP devices (e.g., encrypted external hard drives, encrypted flash drives).
  • Monitor Virus threats and communicate via triggered alerts as well as daily and weekly reports
  • Identify and track non-compliant Authorized End User workstations, take corrective action, or if necessary escalate to the appropriate support team to assist with remediation
  • Ensure software and packages are deployed via SCCM or the control manager console
  • Perform log management and security fine tuning.
  • Collaborate with client technical teams for issue resolution and mitigation. Participate and help remediate the security incidents.
  • Manage and maintain SLAs agreed with our customers.
  • Participate in an on-call rotation to provide emergency support.


Supervisory Responsibilities: None 

Qualifications

Knowledge and Skill Required:
  • 3 - 4 years of experience maintaining Internet/DMZ infrastructure, understanding of endpoint security technology (McAfee, Trend Micro), and deployment and support of security logs.
  • 3 - 4 years of information technology experience with network technologies, specifically TCP/IP, and related network tools and concepts is desired.
  • Knowledge of a scripting language and the ability to automate tasks as necessary.
  • Demonstrable comprehension of Information Security including malware, emerging threats, attacks, and vulnerability management
  • Experience with reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs)
  • Experience with an enterprise-class ticketing system.
  • Hands on experience with any industry standard SIEM is desired
  • Recent Trend Micro experience is desired
  • SANS GIAC GCIA certification is desired
  • An Associate's Degree, preferably a technical field such as IT or IT Security, or progressing towards completing a Bachelor's Degree in an IT related field is desired.
  • A willingness to support the team over individual for the benefit of the customer, and by demonstrating an understanding of the expectations of good communication: gracious, grounding, proactive, helpful, precise, etc.
  • The ability to work independently and succeed on solo projects.
  • Certifications, or the ability to quickly obtain them, such as: Network+, Security+, CCNA, CISSP, CCNP, OSCP.
  • Demonstrated willingness to assist other Engineers, both NOC and SOC, as necessary.
  • The ability to quickly develop competency in all security apps/consoles in use.
  • The ability to quickly obtain subject matter expertise and primary responsibility.

R0010789
