Job Description
The Company:
Since 2004, Mandiant has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.
The Role:
The Mandiant Security team ensures the protection of the company’s people, systems, and data by providing talented, passionate, and specialized security expertise. We are looking for motivated team members with incident response, threat hunting or blue team skills to help us protect our corporate systems and users.
At Mandiant, you’ll be faced with complex problem-solving opportunities and hands-on technical opportunities daily. You will be responsible for interpreting, analyzing, and correlating complex security events from a distributed and global environment to find indicators of compromise. You will also work in close collaboration with internal and external groups to develop new capabilities to improve security situational awareness across the enterprise. This is a hands-on role in a fast-paced team and requires an individual who understands and can effectively respond to cyber-attacks. Are you ready for the challenge?
Responsibilities:
- Monitor security appliances and provide advanced detection and response service through security event analysis and review
- Perform live response data collection and analysis on hosts of interest in an investigation
- Collate and analyze relevant events from host and network device log files
- Perform incident response and basic malware analysis to investigate incidents
- Maintain current knowledge of tools and best practices in forensics and incident response and an understanding of advanced persistent threats, including tools, techniques, and procedures of the attacker
Requirements:
- Must be able to work weekends
- Functional knowledge of incident response and the ability to provide meaningful recommendations for remediation and attack prevention
- The ability to clearly and concisely document and explain technical details
- Experience reviewing and analyzing raw log files (e.g., firewall, network flow, IDS, system logs) and performing data correlation is preferred
- Understanding of forensic artifacts found within multiple operating systems and command-line tools
- A solid foundation in networking fundamentals, with a basic understanding of TCP/IP and other core protocols
- Knowledge of network-based services and client/server applications
- Experience with the Python programming language
Additional Qualifications:
- Ability to quickly pick up and learn new technologies
- Able to collaborate with cross-functional teams
- A willingness to be challenged and a strong desire to learn
- Good interpersonal communication skills
- High comfort level with applications, networks, cloud architecture and coding concepts
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided