Mandiant logo
Senior Threat Deception Analyst - Remote - Mandiant Alexandria, VA Bookmark Share Print 52 0 1

Listing Description

Job Description

If you have an interest or background in reverse engineering and are looking to apply those skills to real world Threat Intelligence problems then we want to hear from you!

On the Special Programs and Innovation (SPI) Team we are focused creating innovative solutions to keep Mandiant on the front lines of Threat Intelligence. Specifically, the SPI team focuses on applying engineering and technical expertise to develop projects which allow our customers to better utilize our data, and to create new and innovative ways for Mandiant to collect Threat Intelligence. One of SPI’s critical projects is our adversary emulation solution, which focuses on synthesizing Mandiant' s intelligence to build industry-leading scenarios replication adversary behavior, for use by Red Teams and Cyber Trainers.

The goal of this project is to gain an understanding of Mandiant's intelligence and incident responses processes, and then apply engineering and malware analysis skills to create scenarios emulating adversaries from APT, FIN, or other groups.


  • Conduct extensive research into current threat activity to determine customer-relevant threat intelligence
  • Distill threat intelligence about an adversary into actionable adversary emulation scenarios
  • Apply reverse engineering skills to understand the tools, techniques, and procedures (TTPs) used by an adversary
  • Repurpose real world malware to create realistic attack scenarios
  • Work with a small team and build prototype products of the future
  • Provide mentoring to other Reverse Engineering Colleagues 
  • Build and conduct trainings on new methodologies developed by SPI

  • Have extensive knowledge on how an Offensive Cyber Operation is conducted
  • Development experience with C, Python, and Go.
  • Basic understanding of Windows operating systems internals. Experience with X86 and AMD-64 assembly and system architecture.
  • Strong in software testing and debugging
  • Ability to document and explain technical details clearly and concisely
  • Ability to understand and communicate intelligence data

Additional Information

As a U.S. federal contractor, Mandiant has adopted a COVID-19 Vaccination Policy to comply with our obligations under applicable laws and requirements. This position may be covered under Mandiant’s COVID-19 Vaccination Policy, as required in order to support federal contracts, access company offices and/or attend in-person meetings and work events. If covered under this policy, proof of vaccination against COVID-19 may be required as a condition of hire.

At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

This is a regionally-based role that must be located in Washington DC, Maryland, or Northern Virginia. 

Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided


  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Full Telecommute

About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

Our Contacts

1765 Greensboro Station Pl.
Suite 900
Tysons Corner Va 22102

(703) 594-7765