Principal Incident Response Consultant (Remote - Ireland) - Mandiant Dublin, ie

Listing Description


Job Description

Mandiant is focused on the long-term success of our customers by providing talented, passionate, and specialized security monitoring, threat intelligence, and incident management consulting expertise. We are looking for a motivated and experienced Incident Response Consultant with a great technical background and customer-facing delivery experience to help customers respond to the most sophisticated attacks and help to continually improve our own program methodology. The successful candidate will possess strong consulting skills and in-depth experience in security operations, cyber threat intelligence, and computer incident response.

What you will do:

  • Host/network based forensic investigations
  • Develop custom reports based on data from multiple sources, including appliances, threat intelligence, network sensors, and outside intelligence feeds
  • Present technical material in a clear, organized briefing to a mix of technical and non-technical personnel
  • Fully scope and present findings for a broad range of incidents, from nation-state APT to financially motivated cyber-crime incidents
  • Develop, document and manage a containment and remediation strategy for customers
  • Maintain current knowledge of tools and best practices in advanced persistent threats; tools, techniques, and procedures of attackers; and forensics and incident response

Requirements:

  • Experience in an analytical role such as network forensics analyst, threat analyst, incident responder or security engineer/consultant
  • One or more of the following technical certifications: GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), EnCE or equivalent experience in these areas
  • Experience developing and managing incident response programs
  • Understanding of the workings and analysis of TCP/IP network communication protocols 
  • Experience conducting analysis of electronic media, packet capture, log data, and network devices in support of intrusion analysis or enterprise level information security operations
  • Experience with advanced computer exploitation methodologies
  • Ability to integrate data from multiple sources and present concise, relevant information to a non-technical audience
  • Experience with  products, desired
  • Experience with a scripting language such as Perl, Python, or other scripting language in an incident handling environment

 


Qualifications

 

  • 7+ years of experience in incident response, security operations, consulting or similar
  • Experience with at least three of the following: 
    • Windows disk and memory forensics 
    • Network Security Monitoring (NSM), network traffic analysis, and log analysis 
    • Unix or Linux disk and memory forensics 
    • Static and dynamic malware analysis 
  • Experience and understanding of enterprise security controls in Active Directory/Windows environments 
  • Experience building scripts, tools, or methodologies to enhance investigation processes 
  • Experience leading external client engagements 
  • Experience conducting analysis of electronic media, packet capture, log data, and network devices in support of intrusion analysis or enterprise level information security operations
  • Experience with advanced computer exploitation methodologies
  • Demonstrated ability to make decisions on remediation and countermeasures for challenging information security threats

Desired Qualifications: 

  • Experience with a scripting language such as Perl, Python, or other scripting language in an incident handling environment, highly desired
  • Effectively communicating investigative findings and strategies to technical staff, executive leadership, legal counsel, and internal and external clients 
  • Effectively develop documentation and explain technical details in a concise, understandable manner 
  • Strong time management skills to balance time among multiple tasks, and lead junior staff when required 

 

 


Additional Information

At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

 


Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided

 

  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Full Telecommute


