Listing Description
Job Description
The Mandiant Security team ensures the protection of the company’s people, systems, and data by providing talented, passionate, and specialized security expertise. We are looking for motivated team members with incident response, threat hunting or blue team skills to help us protect our corporate systems and users.
At Mandiant, you will face complex problem-solving and hands-on technical challenges daily. You will be responsible for interpreting, analyzing, and correlating complex security events from a distributed, global environment to find indicators of compromise. You will also collaborate closely with internal and external groups to develop new capabilities that improve security situational awareness across the enterprise. This is a hands-on role on a fast-paced team and requires an individual who understands cyber-attacks and can respond to them effectively. Are you ready for the challenge?
Responsibilities:
- Monitor security appliances and provide advanced detection and response service through security event analysis and review
- Perform live response data collection and analysis on hosts of interest in an investigation
- Collate and analyze relevant events from host and network device log files
- Perform incident response, including basic malware analysis, to investigate incidents
- Maintain current knowledge of forensics and incident response tools and best practices, and an understanding of advanced persistent threats, including attacker tactics, techniques, and procedures (TTPs)
Requirements:
- Must be able to work weekends
- Functional knowledge of incident response and the ability to provide meaningful recommendations for remediation and attack prevention
- The ability to clearly and concisely document and explain technical details
- Experience reviewing and analyzing raw log files (e.g., firewall, network flow, IDS, system logs) and performing data correlation is preferred
- Understanding of the forensic artifacts found on multiple operating systems, and of the command-line tools used to collect and examine them
- A solid foundation in networking fundamentals, with a basic understanding of TCP/IP and other core protocols
- Knowledge of network-based services and client/server applications
- Experience with the Python programming language
Additional Qualifications:
- Ability to quickly pick up and learn new technologies
- Able to collaborate with cross-functional teams
- A willingness to be challenged and a strong desire to learn
- Good interpersonal communication skills
- High comfort level with applications, networks, cloud architecture, and coding concepts
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided