Mandiant logo
Cybersecurity Consultant (Southeast Region, US) - Mandiant Alexandria, VA Bookmark Share Print 647 0 1

Listing Description


Job Description

Mandiant is a recognized leader in cyber security expertise and has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone.  Mandiant partners with Federal Governments across the globe to protect their national security interests, guarding nation-state secrets, and defending critical infrastructure from cyber-attacks. Our experience has provided us with a unique understanding of the challenges Federal Governments face, and we systematically align our solution and product development cycles to meet their needs. Mandiant isn’t just focused on one threat vector or adversary type. We counter all evolving cyber threats facing public and private sector organizations around the globe.

The Mandiant Consulting team is seeking a lead cyber security consultant with knowledge of penetration testing, incident response, security engineering and strategic services to support both federal government and commercial customers.

The primary focus of this role will be to serve a lead, working in diverse teams in support of various service lines and functions, including proactive based services, such as penetration testing, incident response and other strategic services for assessing an organization’s existing program from a strategic perspective.  

In this role, an ideal candidate is expected to be able to conduct hands-on testing as well as perform in a limited program management capacity that spans across various service lines and initiatives. Hands on testing includes direct support of incident response, performing host endpoint and network analysis; penetration testing and vulnerability analysis, as well as security architecture/organizational maturity focused assessments with an emphasis on strategic and tactical recommendations for improvements.

 What You Will Do:

  • Perform security engineering / deployment of technology using tools to identify weaknesses and gaps in Customer security technologies.
  • Perform network vulnerability assessments and penetration testing as requested; testing may also include application assessments, threat analysis, wireless network assessments and social engineering.
  • Assist with host and network and cloud cyber-Investigations, including host forensics, and log analysis stemming from security events in support of incident response investigations.
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
  • Strategic and risk-based assessments to assess organizations gaps in security tools, processes, capabilities, and staff; determine maturation, mitigative strategies and offer recommendations for improvements.
  • Effectively communicate findings and strategy to customer stakeholders, including technical staff, executive leadership, and legal counsel.
  • Provide project management such as resource management, project scheduling, cost containment, project planning and delivery oversight.
  • Recognize and safely utilize attacker tools, tactics, and procedures.
  • Develop scripts, tools, or methodologies to enhance Mandiant’s penetration testing / security engineering processes.
  • Assist with scoping prospective engagements, leading engagements from kickoff through remediation, and mentoring less experienced staff.
  • Lead and assist with project deliveries to include technical lead and project management.

Qualifications

Minimum Requirements:

  • Secret or Top-Secret clearance preferred, but not required; must be able to pass a background investigation
  • Eight (8) or more years of applicable experience and a bachelor’s degree in an IT-related field or equivalent experience
  • 4+ years experience with Tuning, trouble-shooting platform technical related issues & testing security technology
  • 4+ years experience with Internal and external network penetration testing and manipulation of network infrastructure.
  • 4+ years experience with Unix/Linux/Mac/Windows operating systems, including bash and PowerShell.
  • 4+ years experience with Internet (HTTP, FTP, etc.) and network (SMB, TCP/IP, etc.) protocols and covert channels.

Desired Qualifications:

  • Ability to travel.
  • Familiarity with application DevOps concepts, tools, and technologies.
  • Good to have experience with developing, extending or modifying exploits, shellcode or exploit tools.
  • Good to have experience with developing applications in C#, ASP, .NET or Java (J2EE) desired.
  • Good to have experience reverse engineering malware, data obfuscators or ciphers.
  •  Assess compliance posture against regulatory requirements such as NIST SP 800-53, ATT&CK Mitre Framework, CSF, OWASP ASVS, and ISO 27001 desired.
  • Offensive Security Certified Professional (OSCP), Offensive Security Certified Engineer (OSCE), Offensive Security Web Expert (OSWE), and/or SANS GIAC Web Application Penetration Tester (GWAPT) Certification desired.
  • Knowledge of open security testing standards and projects, including OWASP.
  • Expertise in consulting with executive and senior-level clients to define needs and issues, developing requirements and analyzing findings to recommend solutions
  • Superior interpersonal, communication, presentation and writing skills.

Additional Information

At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

This is a regionally-based role that must be located in Alabama, Florida, Georgia, Maryland, North Carolina, South Carolina, Tennessee, Virginia, Washington DC, or West Virginia


Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided

 

  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Full Telecommute



About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

Our Contacts

1765 Greensboro Station Pl.
Suite 900
Tysons Corner Va 22102

(703) 594-7765