Director - Research, Collections, Detections (Remote US) - Mandiant Reston, VA

Listing Description


Job Description

About Advanced Practices:

Mandiant’s Advanced Practices team was created in 2015 to track and respond to the most difficult threats facing our clients and our own company. Our team of experts works together to track, correlate, attribute, and detect attacker activity using advanced analysis and deep research into adversary methods. Advanced Practices codifies and makes actionable the knowledge from thousands of Mandiant incident response cases, Managed Defense engagements, and all significant evil from a wide range of other data sources. Key areas include:

Illumination.  Advanced Practices shines light in the darkest corners to expose and amplify complex adversary activity. We search for the nearly imperceptible traces of attackers wherever we can find them, and we seek to surface their activity for action.

Front-line Visibility. Our team of 45+ talented security researchers and threat analysis professionals brings decades of experience investigating intrusions, analyzing malware, and dissecting digital artifacts to deliver front-line innovation in Mandiant’s products and services.

Threat Discovery. Our goal is simple: to know the most about adversaries and make this knowledge actionable. Advanced Practices enables early discovery and analysis of adversary operations and their tradecraft so that our customers are protected.

It’s How that Works. Our team studies the world’s most impactful intrusions from the front-lines of Mandiant Consulting and Managed Defense to understand how apex attackers operate. Our focus on technical evidence and how our adversaries operate powers the engine that highlights who our adversaries are.

Surfacing the Unseen. We look for unique features and common adversary methods across all intrusions and malware so we can develop resilient monitoring, detection, and discovery of attacker activity. We set proactive traps and develop threat signals to capture real-time and historic adversary activity from important, evasive, and emerging threats.

Job Description:

Advanced Practices seeks a Director to guide a team of highly proficient security researchers as they create and implement research, collections, and detections across all Mandiant efforts. As a Mandiant Director, you will use proven leadership and management experience to develop innovative solutions, enable Mandiant’s transformation to a SaaS company, and work the most challenging breaches we face. You will use well-honed business acumen, strong knowledge of the landscape, and current technical skills, and be adept at leading multiple major company initiatives impacting all of Mandiant. This role will require a proven leader capable of overseeing complex detailed work while also guiding strategic efforts across multiple teams.

What you Will Do:

  • Lead a team of senior, highly capable threat researchers
  • Work across every major Mandiant internal organization
  • Interact with other leaders in clients, partner organizations, and other thought leaders across the industry
  • Manage company priorities, to include operational and technology efforts
  • Identify improvements to internal processes and methodologies
  • Act as a key leader on various major initiatives, all with the goal of keeping Mandiant at the forefront of the threat landscape

About the Position:

Does finding new intrusions give you goosebumps? Do you like learning and sharing info about new attacks with your peers, your clients, and with the world? Are you hungry to track threat actors, curate threat data, work with a range of other teams, and most importantly, elevate the discovery of new and interesting things to Mandiant and to the public?

Advanced Practices is finding net-new evil across all Mandiant customers, and we lead with a team of tenacious researchers who love the thrill of the hunt. As a Director, you will lead this team focused on reverse-engineering adversary tradecraft and operationalizing what we learn for the highest echelon of subversive threats.

The best candidate will be driven to discover new intrusion activity and find creative ways to distil the voluminous threat data from our weak signals down to new and interesting findings for our clients. When we find new things, it is important to drive that knowledge into Mandiant and, when possible, into the public through blogs and contributions into other notable forums such as public threat analysis frameworks. We encourage giving back to the security community and strongly support sharing of expertise. Our team members are encouraged to author whitepapers, develop free tools, and speak at conferences as well.

Team Responsibilities:

  • Hunt for emerging threat activity across all available Mandiant telemetry: discover net-new malware families, intrusion activity, and suspicious events associated with Advanced Practices and notify our customers
  • Analyze technical threat data to extract TTPs, malware techniques and adversary methods with low (or no) detections, and help close those gaps within the Mandiant platform
  • Drive Mandiant detections and technology through threat expertise and knowledge
  • Provide threat context and integration support to multiple Mandiant service lines
  • Provide threat research and context to global service delivery for Mandiant investigations
  • Perform threat research and analysis during high-severity cyber-attacks impacting Mandiant customers globally

Qualifications

Required Skills:

  • 12+ years of experience in a technical security role
  • 7+ years of management experience
  • Experience leading and managing high-performing teams
  • 10+ years of experience in Investigative or SaaS environments
  • 10+ years of experience with direct conversion of research work to scalable evil finding, to include advocating for new process and technologies
  • 5+ years of experience working with engineering in both a daily troubleshooting role and a long-term requirements creation role
  • Proven capability to engage with and understand C-level executives both inside of Mandiant and also external to the company
  • Ability to utilize multiple different sources of telemetry and convert this telemetry to a range of outputs

Desired Skills:

  • Knowledge of and ability to use formal project management skills in planning, tracking, and reporting on complex project performance
  • Ability to set and manage expectations with senior stakeholders and team members
  • Capable of documenting and explaining technical details/efforts in a concise, actionable manner
  • Strong problem solving, troubleshooting, and analysis skills
  • Experience working in fast-paced development environments
  • Excellent interpersonal and teamwork skills
  • Self-driven, proactive, hardworking, creative, team-player
  • Excellent communication and presentation skills with the ability to present to technical and non-technical audiences

Additional Information

As a U.S. federal contractor, Mandiant has adopted a COVID-19 Vaccination Policy to comply with our obligations under applicable laws and requirements. This position may be covered under Mandiant’s COVID-19 Vaccination Policy, as required in order to support federal contracts, access company offices and/or attend in-person meetings and work events. If covered under this policy, proof of vaccination against COVID-19 may be required as a condition of hire.

At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

Minimum Salary: $180,000. Final salary will be determined commensurately with cost of living, experience level, and/or any other legally permissible considerations. 

Incentive Compensation: Eligibility for annual bonus subject to individual and company performance; eligibility for award of Restricted Stock Units subject to eligibility requirements, approval from Mandiant’s Compensation Committee, and vesting terms  

Benefits: Employer subsidized benefits include Medical, Dental, Vision, Life, and Disability Insurance. Subject to eligibility requirements, Mandiant also offers the ability to participate in 401(k), Flexible Spending Accounts, Health Savings Accounts, Dependent Care Spending Accounts, and Employee Stock Purchase Program. Mandiant also provides Paid Time Off, Flexible Paid Sick Time, and Paid Holidays.  

*Disclosure as required by sb19-085 (8-5-20)  


Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided
  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Full Telecommute


