Listing Description
Job Description
Mandiant is a recognized leader in cyber security expertise and has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone. Mandiant partners with Federal Governments across the globe to protect their national security interests, guarding nation-state secrets, and defending critical infrastructure from cyber-attacks. Our experience has provided us with a unique understanding of the challenges Federal Governments face, and we systematically align our solution and product development cycles to meet their needs. Mandiant isn’t just focused on one threat vector or adversary type. We counter all evolving cyber threats facing public and private sector organizations around the globe.
The Insider Threat Manager will provide day-to-day insider threat subject matter leadership and expert solutions for federal and commercial clients. Focus will be on insider threat program build out, tool deployments, investigations, using strong problem-solving skills, and able to communicate effectively to people at various layers to assist leadership to make timely and well thought out decisions. This role will work cross-functionally with their peers on other teams such as intelligence and SOC analysts. This role is considered a subject matter expert for insider threat program development, build out and execution.
What You Will Do:
Provide guidance on building and/or maturing insider threat programs, building Insider Threat education programs, detecting, and responding to computer security incidents, and implementation of tools and technologies used for enterprise security
Evaluate client needs, coordinate design for an insider threat solution, and clearly communicate the value proposition of implementation
Implement and/or assess existing security controls
Provide expert level knowledge of tools and technologies used for enterprise insider threat
Hands on analysis and insider threat investigations to include intelligence collection and forensics activities leveraging DLP, UBA, SIEM, EDR, and Mandiant proprietary tools
Maintain all client technology and Mandiant test labs, as appropriate
Primary work location: Reston, VA (Remote)
Qualifications
Excellent written and verbal communication skills
Bachelor’s degree in an IT-related field or equivalent experience
5+ years of experience building security programs to include hands-on implementation and/or assessment of security controls
5+ years of expert in-depth knowledge in collecting, analyzing, and escalating security events; responding to insider incidents, and/or collecting, analyzing, and disseminating insider threat intelligence
Interaction with C-level executives
Quickly master, simplify, and communicate the value proposition of complex subjects to clients
Use formal project management skills in planning, tracking, and reporting on project progress
Evaluate customer needs, coordinate design for an insider threat solution, and clearly communicate solutions
Thorough understanding of cyber security operations, event monitoring, backup tooling, and SIEM tools
Familiarity with security bypasses and backdoors to security controls as investigation points
Familiarity with cloud technologies such as Microsoft Azure and Amazon Web Services
Minimum of 7 years relevant in cybersecurity
Minimum of 5+ years in use and system administration of insider threat tools such as SIEM, DLP, and UBA
Additional Qualifications:
Provide expert level knowledge of insider threat tools and technologies used for enterprise security
Bi-/Multi-lingual (languages of highest need include Spanish, Russian, Chinese, and Arabic)
Law Enforcement (LE) background is preferred
Intelligence background within US Government or equivalent is preferred
Additional Information
As a U.S. federal contractor, Mandiant has adopted a COVID-19 Vaccination Policy to comply with our obligations under applicable laws and requirements. This position may be covered under Mandiant’s COVID-19 Vaccination Policy, as required in order to support federal contracts, access company offices and/or attend in-person meetings and work events. If covered under this policy, proof of vaccination against COVID-19 may be required as a condition of hire.
At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.
This is a regionally-based role that must be located in the Washignton DC/Metro Region of the United States.
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Full Telecommute