Mandiant is a recognized leader in cyber security expertise and has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone. Mandiant partners with Federal Governments across the globe to protect their national security interests, guarding nation-state secrets, and defending critical infrastructure from cyber-attacks. Our experience has provided us with a unique understanding of the challenges Federal Governments face, and we systematically align our solution and product development cycles to meet their needs. Mandiant isn’t just focused on one threat vector or adversary type. We counter all evolving cyber threats facing public and private sector organizations around the globe.
The Insider Threat Analyst will provide day-to-day insider threat subject matter expert services for federal and commercial clients. Focus will be on insider threat program build out, tool deployments, investigations, using strong problem-solving skills, and able to communicate effectively to people at various layers to assist leadership to make timely and well thought out decisions. This role will work cross-functionally with their peers on other teams such as intelligence and SOC analysts. This role is considered a subject matter expert for insider threat analysis.
What You Will Do:
- Provide guidance on building and/or maturing insider threat programs, detecting and responding to computer security incidents, and implementation of tools and technologies used for enterprise security
- Evaluate client needs, coordinate design for an insider threat solution, and clearly communicate the value proposition of implementation
- Implement and/or assess existing security controls
- Provide expert level knowledge of tools and technologies used for enterprise insider threat
- Hands on analysis and insider threat investigations to include intelligence collection and forensics activities leveraging DLP, UBA, SIEM, EDR, and Mandiant proprietary tools
- Maintain all client technology and Mandiant test labs, as appropriate
- Primary work location: Reston, VA (Remote)
- Excellent written and verbal communication skills
- Bachelor’s degree in an IT-related field or equivalent experience
- 5+ years of experience building security programs to include hands-on implementation and/or assessment of security controls
- 5+ years of expert in-depth knowledge in collecting, analyzing, and escalating security events; responding to insider incidents, and/or collecting, analyzing, and disseminating insider threat intelligence
- Interaction with C-level executives
- Quickly master, simplify, and communicate the value proposition of complex subjects to clients
- Use formal project management skills in planning, tracking, and reporting on project progress
- Evaluate customer needs, coordinate design for an insider threat solution, and clearly communicate solutions
- Thorough understanding of cyber security operations, event monitoring, backup tooling, and SIEM tools
- Familiarity with security bypasses and backdoors to security controls as investigation points
- Familiarity with cloud technologies such as Microsoft Azure and Amazon Web Services
- Minimum of 7 years relevant in cybersecurity
- Minimum of 5+ years in use and system administration of insider threat tools such as SIEM, DLP, and UBA
- Provide expert level knowledge of insider threat tools and technologies used for enterprise security
- Bi-/Multi-lingual (languages of highest need include Spanish, Russian, Chinese, and Arabic)
- Law Enforcement (LE) background is preferred
- Intelligence background within US Government or equivalent is preferred
As a U.S. federal contractor, Mandiant has adopted a COVID-19 Vaccination Policy to comply with our obligations under applicable laws and requirements. This position may be covered under Mandiant’s COVID-19 Vaccination Policy, as required in order to support federal contracts, access company offices and/or attend in-person meetings and work events. If covered under this policy, proof of vaccination against COVID-19 may be required as a condition of hire.
At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.
This is a regionally-based role that must be located in the East or Central Region of the United States.
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Full Telecommute