Threat Hunter (Top Secret) - Remote (Washington/DC Metro Area) - Mandiant Washington, DC Bookmark Share Print 467 0 1

Listing Description

Job Description

• Perform security assessments providing comprehensive identification of vulnerabilities and support to clients facilitating activities within the incident response process
• Provide guidance on building and/or maturing information security programs, detecting and responding to computer security incidents, and implementation of tools and technologies used for enterprise security
• Implement and/or assess existing security controls
• Provide expert level knowledge of tools and technologies used for enterprise security
• Interface with clients to address concerns, issues or escalations; track and drive to closure any issues that impact the service and its value to clients
• Ensure all endpoint and hunt technologies are maintained
• Troubleshoot endpoint monitoring tools to ensure connectivity and containment functionality is maintained
• Maintain hunt tools and databases

• Top Secret clearance with SCI eligibility
• 5+ years of experience in cyber-security
• Provide in-depth knowledge in collecting, analyzing, and escalating security events; responding to computer security incidents, and/or collecting, analyzing, and disseminating cyber threat intelligence
• Provide in-depth knowledge in collecting, analyzing, and escalating security events; responding to computer security incidents, and/or collecting, analyzing, and disseminating cyber threat intelligence
• Interaction with C-level and SES
• Experience with the critical tools used in security event analysis, incident response, computer forensics, malware analysis, or other areas of security operations.
• Thorough understanding of cyber security operations, event monitoring, and SIEM tools (e.g., Splunk)
• Familiar with endpoint detection and response tools  (e.g., CrowdStrike, Windows Defender)
• Familiar with investigating network devices (e.g., proxies, SSL break-and-inspect, firewalls, VPN concentrators)
• Familiar with virtualization investigations (e.g., VMware, Citrix)
• Familiar with cloud investigations (e.g., Azure, O365, Amazon)
• Familiar with Unix and Windows operating systems and administrative tools

Additional Qualifications:

• A successful candidate prioritizes well, communicates clearly, and has a consistent track record of delivering results.
• The right candidate will be able to work independently, be proactive in removing roadblocks, and able to influence internal and external stakeholders.
• Prior military or government work experience is desired
• Familiarity with ticketing systems such as Jira or Confluence is desired

As a U.S. federal contractor, Mandiant has adopted a COVID-19 Vaccination Policy to comply with our obligations under applicable laws and requirements. This position may be covered under Mandiant’s COVID-19 Vaccination Policy, as required in order to support federal contracts, access company offices and/or attend in-person meetings and work events. If covered under this policy, proof of vaccination against COVID-19 may be required as a condition of hire. At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

This is a regionally-based role that must be located within the Washington DC/Metro Region, US.