Senior Incident Response & Malware Analysis Consultant (Top Secret Clearance) - FireEye, Inc. Washington D.C., DC, United States

Listing Description

Position Title: Senior Incident Response & Malware Analysis Consultant (Top Secret Clearance)

Location: Washington, DC

The Company:

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 5,300 customers across 67 countries, including more than 825 of the Forbes Global 2000.

The Role:

The Mandiant Consulting team is seeking a passionate and highly skilled Incident Response Consultant to support a critical customer mission! The Incident Response Consultant will sustain the FireEye platform(s) and provide ongoing breach detection, incident response, forensic examination, malware analysis and remediation services to a strategic customer.

If you are fanatical about security, will do whatever it takes to keep the bad guys out, enjoy hunting for attackers and thrive on responding to security incidents, we want to hear from you!

Responsibilities:

Perform hunting activities to search the network for indicators of compromise

Perform advanced code analysis of malicious code detected on the network

Provide advanced traffic analysis (at the packet level) and reconstruction of network traffic to discover anomalies, trends and patterns

Perform live response data collection and analysis on hosts of interest in an investigation

Correlate and analyze relevant events from host and network device log files

Perform incident response and malware analysis to investigate incidents and potential indicators of compromise

Help determine the extent of the compromise, attributes of any malware and possible data exfiltrated

Perform complex scripting (Shell, Perl, Python or other language) to repurpose the results and automate artifact collection

Research and incorporate relevant threat intelligence during the investigation and in written and verbal reports

Develop, document and manage containment strategy

Maintain current knowledge of tools and best-practices in advanced persistent threats; tools, techniques, and procedures of attackers; and forensics and incident response

Advance intrusion detection capabilities through the build, test, and deployment of customized IDS signatures

Represent the client on working groups, task forces, and committees and provide relevant information in support of national objectives

Assist in the deployment of endpoint security devices and provide ongoing support

Search for known indicators of compromise related to specific threats or incidents identified

Requirements:

Must hold an active Top Secret clearance

Four or more years’ experience in a hands-on technical role of network forensic analyst, malware analyst, incident responder or similar

One or more of the following technical certifications: GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), EnCE or similar

Expertise in analysis of TCP/IP network communication protocols

Experience with and knowledge of packet flow, TCP/UDP traffic, firewall technologies, IDS technologies (e.g., Snort rules), proxy technologies, and antivirus, spam and spyware solutions

Experience conducting analysis of electronic media, packet capture, log data and network devices in support of intrusion analysis or enterprise level information security operations

Experience with a programming/scripting language such as Python, Perl or similar in an incident handling environment

Demonstrated ability to make decisions on remediation and countermeasures for challenging information security threats

Excellent communication and presentation skills with the ability to present to a variety of external audiences, including senior executives

Excellent written communication skills

Strong leadership skills with the ability to prioritize and execute in a methodical and disciplined manner, as well as to set and manage expectations with senior stakeholders and team members

Additional Qualifications:

Experience with FireEye and Mandiant products, especially Mandiant for Intelligent Response (MIR) highly preferred

Experience with malware analysis and reverse engineering preferred

FireEye is an Equal Opportunity Employer: All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

Listing Details

  • Salary: $130,000 - $150,000
  • Citizenship: Top Secret
  • Incentives: Both
  • Education: Bachelor's Degree
  • Travel: No Travel
  • Telework: No Telecommute



About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.
