Mandiant logo
Purple Team Consultant (Remote US) - Mandiant Alexandria, VA Bookmark Share Print 433 0 0

Listing Description


Job Description

A successful Consultant at Mandiant should have a deep understanding of information security and system administration. They should understand basic concepts such as networking, web applications, operating systems, and programming. You will be tasked with deploying and integrating Mandiant Security Validation (MSV) technology in the cloud and in customer environments. You will also need to integrate MSV into customer existing technology stacks such as SIEMs, endpoint technology, and IDS systems. Troubleshooting deployment and integration issues is part of the job so problem solving. Client communication and organization is a key component to this role. You will be responsible for handling multiple deployments that vary in size and scope simultaneously. You will be responsible tracking milestones, answering customer questions, and managing timelines to ensure deadlines are met.

You will participate in purple team engagements where you will run attacker tools, tactics, and procedures (TTPs) through the MSV Security Instrumentation Platform (“SIP”). You will also create new actions within MSV as you collaborate with Mandiant Intel and the Red Team to get the latest TTPs. You will need to track metrics such as median time to detection, response, and containment and document this data in our standard deliverables. Furthermore, you will need to provide regular status reports to project managers and clients as you conduct each engagement. You will work closely with customers to understand existing controls and practices and make recommendations based on detection and response capabilities.

Responsibilities:

  • Perform Purple Team engagements and technical validation for Professional Services
  • Deploy and integrate MSV technology in cloud environments and customer networks
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences
  • Write custom actions within MSV SIP that include the latest TTPs gathered by Mandiant Intelligence and the Red Team
  • Ensure documentation is up-to-date and accurate for use by other consultants and customers
  • Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel
  • Recognize and safely utilize attacker tools, tactics, and procedures
  • Develop scripts, tools, or methodologies to enhance Mandiant’s purple teaming processes
  • Assist with scoping prospective engagements, leading engagements from kickoff through remediation, and mentoring less experienced staff

Qualifications

Requirements:

  • 1-5 years' experience in at least three of the following:
    • Network penetration testing and manipulation of network infrastructure
    • Mobile and/or web application assessments
    • Responding to incidents in a SOC environment
    • Cloud infrastructure assessments or system administration
    • System administration
    • Shell scripting or automation of simple tasks using Perl, Python, or Ruby
  • Thorough understanding of network protocols, data on the wire, and command and control (C2) channels
  • Must be eligible to work in the US without sponsorship

Additional Qualifications:

  • Ability to travel up to 30%
  • Ability to successfully interface with clients (internal and external)
  • Ability to document and explain technical details in a concise, understandable manner
  • Ability to manage and balance own time among multiple tasks

Additional Information

At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

Minimum Salary: $110,000. Final salary will be determined commensurately with cost of living, experience level, and/or any other legally permissible considerations.

Incentive Compensation: Eligibility for annual bonus subject to individual and company performance; eligibility for award of Restricted Stock Units subject to eligibility requirements, approval from Mandiant’s Compensation Committee, and vesting terms  

Benefits: Employer subsidized benefits include Medical, Dental, Vision, Life, and Disability Insurance. Subject to eligibility requirements, Mandiant also offers the ability to participate in 401(k), Flexible Spending Accounts, Health Savings Accounts, Dependent Care Spending Accounts, and Employee Stock Purchase Program. Mandiant also provides Paid Time Off, Flexible Paid Sick Time, and Paid Holidays.  

*Disclosure as required by sb19-085 (8-5-20)

As a U.S. federal contractor, Mandiant has adopted a COVID-19 Vaccination Policy to comply with our obligations under applicable laws and requirements. This position may be covered under Mandiant’s COVID-19 Vaccination Policy, as required in order to support federal contracts, access company offices and/or attend in-person meetings and work events. If covered under this policy, proof of vaccination against COVID-19 may be required as a condition of hire. At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.


Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided

 

  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Full Telecommute



About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

Our Contacts

1765 Greensboro Station Pl.
Suite 900
Tysons Corner Va 22102

(703) 594-7765