Mandiant is a recognized leader in cyber security expertise and has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone. Mandiant partners with Federal Governments across the globe to protect their national security interests, guarding nation-state secrets, and defending critical infrastructure from cyber-attacks. Our experience has provided us with a unique understanding of the challenges Federal Governments face, and we systematically align our solution and product development cycles to meet their needs. Mandiant isn’t just focused on one threat vector or adversary type. We counter all evolving cyber threats facing public and private sector organizations around the globe.
The Threat Hunter will be a proactive security advisor who leverages Operational Cyber experience to understand threats through exploitation of core services and features.
- Create Threat Models to better understand the relevant Environment Risk Areas, identify defensive gaps, and prioritize mitigations
- Author, update, and maintain SOPs, playbooks, work instructions
- Utilize Threat Intelligence and Threat Models to create threat hypotheses
- Plan and scope Threat Hunt Missions to verify threat hypotheses
- Proactively and iteratively search through systems and networks to detect advanced threats
- Analyze host, network, and application logs in addition to malware and code
- Prepare and report risk analysis and threat findings to appropriate stakeholders
- Create, recommend, and assist with development of new security content as the result of hunt missions to include signatures, alerts, workflows, and automation
- Coordinate with different teams to improve threat detection, response, and improve overall security posture of the Enterprise
- SECRET/TOP SECRET Clearance
- A Bachelor’s Degree from an accredited college and four years of satisfactory full-time experience related to projects and policies required by the position; OR
- Education and/or experience which is equivalent to the above
- 4+ years of experience serving as a SOC Analyst or Incident Responder
- 2+ years of experience operating System Penetration Testing and Red Teaming activities
- 2+ years of experience in leveraging Threat Intelligence Systems
- 2+ years of experience in developing threat scenarios, specializing in insider threats to cloud environments
- Strong familiarity with system vulnerability scanning tools and techniques
- Ability to work independently with minimal direction; self-starter/self-motivated
- Must have one or more of the following certifications:
- SANS GCIH (GIAC Certified Incident Handler)
- SANS GCFA (GIAC Certified Forensic Analyst)
- SANS GCIA (GIAC Certified Intrusion Analyst)
As a U.S. federal contractor, Mandiant has adopted a COVID-19 Vaccination Policy to comply with our obligations under applicable laws and requirements. This position may be covered under Mandiant’s COVID-19 Vaccination Policy, as required in order to support federal contracts, access company offices and/or attend in-person meetings and work events. If covered under this policy, proof of vaccination against COVID-19 may be required as a condition of hire.
At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.
This position must be located in the Washington DC/Metro area.
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Full Telecommute