This position is part of an established and mature cyber intelligence program that evaluates closed and open-source cyber intelligence sources to keep our client apprised of emerging threats relevant to the department’s mission. You and your team will operate as the intelligence arm of the larger security organization providing actionable intelligence insights to threat hunters, incident responders, SOC analysts, and security engineers.
What you get to do every day:
- Produce actionable cyber intelligence following the Cybersecurity Threat Intelligence Lifecycle framework.
- Understand the current threat landscape including the implications of geopolitical events on the client’s network.
- Track advanced persistent threats (APT) and their tools, techniques, and procedures (TTPs)
- Collect and process open-source, classified, and internal threat intelligence artifacts to provide context and informed recommendations for the larger security team
- Collaborate with digital forensics and incident response (DFIR) to provide additional insight during investigations
- Produce intelligence-driven deliverables to brief stakeholders on any relevant tactical and strategic developments that could impact the client’s interests
- Support process improvement of the cyber threat intelligence program to meet the growing needs of the client’s dynamic mission.
*Active Top Secret with the ability to obtain an SCI*
What skills do you need?
- Bachelor’s Degree in CS-related field preferred, but not required
- 6 years of Cybersecurity threat intelligence experience
- Strong knowledge of the current cyber threats facing US Government interests and of key adversary TTPs and motivations
- Broad understanding of network architecture and network security methods including their capabilities and limitations
- Strong analytical skills and the ability to effectively research, write, communicate, and brief audiences at varying levels, including the executive level
- Ability to work proactively with limited oversight
What is ideal?
- Experience with operational security, including security operations center (SOC), incident response, basic malware analysis, and threat hunting
- Experience within the US Intelligence Community and Intelligence Community Directive 203 Analytic Standards
- Certifications including:
As a U.S. federal contractor, Mandiant has adopted a COVID-19 Vaccination Policy to comply with our obligations under applicable laws and requirements. This position may be covered under Mandiant’s COVID-19 Vaccination Policy, as required in order to support federal contracts, access company offices and/or attend in-person meetings and work events. If covered under this policy, proof of vaccination against COVID-19 may be required as a condition of hire.
At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.
This position must be located in the Washington DC/Metro area.