Listing Description
Job Description
Mandiant’s Security Transformation Services practice helps organizations respond to breaches as well as build an effective security program that minimizes organizational risk and reduces the impact of security breaches. With a targeted focus in infrastructure and architecture, our consultants work from initial assessment, remote workshops to explore a client’s environment, configuration review of security controls, to detailed practical technical recommendations to harden the environment, enhance visibility and detection, and improve processes to reduce the risk of compromise.
A successful Security Transformation Services (STS) consultant at Mandiant should possess an understanding of core information and cyber security principles. They should understand basic concepts such as network security, infrastructure security, identity and access management, and operating system/domain functionalities and be able to learn advanced concepts such as on-prem and cloud secure architecture and design concepts, working with enterprise security controls and building methodologies to enhance engagements processes.
As a Mandiant consultant, you’ll get hands-on experience with complex problems daily. We help our clients protect their most sensitive and valuable data through comprehensive and real-world scenario testing.
This is not a “press the button” type of job; this career is technical and challenging with opportunities to work in some of the most exciting areas of security consulting on extremely technical and challenging work. You will be building up a foundation in responding to and remediating impactful cyber breaches. If you can think like an attacker, stay one step ahead, think well outside the box, or are astute enough to quickly learn these skills, then you’re the type of consultant we’re looking for.
To be successful, you will quickly assimilate new information as you face new client environments on a weekly or monthly basis. You will understand all the threat vectors to each environment and properly assess them. You will get to work with some of the best security minds in the industry, causing you to develop new skills as you progress through your career. Are you up to the challenge?
What You Will Do:
- Conduct an analysis of both on-prem and cloud infrastructures in order to discover misconfigurations of a client’s environment
- Provide detailed recommendations to clients on how to remediate after a security event or security misconfiguration
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences
- Effectively communicate and discuss findings and strategy with internal stakeholders including leadership and technical team members
- Develop scripts, tools, or methodologies to enhance processes and capabilities related to Incident Response Remediation support or proactive security assessments
Qualifications
Minimum Requirements:
- 1+ years' experience, via internships, classes, projects and similar, in at least two of the following:
- Cloud Platforms such as AWS, GCP, Azure, or OCI
- Active Directory – Domain Services, Users and Computers, or Sites and Services
- Command-line (Windows or Linux) or cmdlets using PowerShell
- Shell scripting or automation of simple tasks using Perl, Python, or Ruby
- Source code review for control flow and security flaws
- Automation tools such as CHEF, Puppet, Ansible
- Solid understanding of coding practices in Git
- 1+ years experience in either of the following areas:
- Tools used for attacking networks and Active Directory
- Tools used for log collection, review, and analysis
- Tools used for forensic collection and analysis
- Understanding of network protocols, TCP/IP networking, and encryption
- Understanding of Unix/Linux/Mac/Windows operating systems
- Must be eligible to work in the US without sponsorship
Preferred Qualifications:
- Prior experience in a technical security internship
- Experience in security competitions, CTFs and/or testing platforms such as Hack the Box, TryHackMe, Overthewire, etc
- Related projects around cybersecurity, programming, etc
- Strong technical acumen and ability to quickly assimilate new information
- Time management skills to balance time amount multiple tasks and priorities
- Ability to successfully interface with clients (internal and external) and manage expectations of others
- Ability to document and explain technical details in a concise, understandable manner
Additional Information
As a U.S. federal contractor, Mandiant has adopted a COVID-19 Vaccination Policy to comply with our obligations under applicable laws and requirements. This position may be covered under Mandiant’s COVID-19 Vaccination Policy, as required in order to support federal contracts, access company offices and/or attend in-person meetings and work events. If covered under this policy, proof of vaccination against COVID-19 may be required as a condition of hire. At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.
Minimum Salary: 95,600.00. Final salary will be determined commensurately with cost of living, experience level, and/or any other legally permissible considerations. Incentive Compensation: Eligibility for annual bonus subject to individual and company performance; eligibility for award of Restricted Stock Units subject to eligibility requirements, approval from Mandiant’s Compensation Committee, and vesting terms.
Benefits: Whether you are just starting your career, reaching a milestone, or gearing up for retirement, we offer plans and programs to keep you happy and healthy at any stage of life. We regularly evaluate our options to make sure they’ve got everything you need. Part of what makes Mandiant great is our diverse team, and we’ve made it our priority to provide benefits that support you on your individual journey at work and at home. Mandiant subsidized benefits include Medical, Dental, Vision, Life, and Disability Insurance. Subject to eligibility requirements, Mandiant also offers the ability to participate in 401(k), Flexible Spending Accounts, Health Savings Accounts, Dependent Care Spending Accounts, and Employee Stock Purchase Program. Mandiant also provides Paid Time Off, Flexible Paid Sick Time, and Paid Holidays.
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided