14 Aug
Incident Response/ Digital Forensics Senior Consultant
New Hampshire, Newyork 00000 Newyork USA

Job Description

As a FireEye Mandiant IR / Forensics Senior Consultant you will join part of an industry leading team where you will be focused on providing incident response, threat analysis, digital forensics, and program management to our client base. You will be responsible for incident response, forensics and threat analysis process development for customers, as well as using your incident response skills to help identify and contain security breaches. You will also brief senior executives on threats in their environment and industry, based on FireEye Mandiant’s wealth of threat intelligence. We encourage employees to give back to the community and strongly support the sharing of expertise through authoring whitepapers, developing free tools, and speaking at conferences.The ability to be a humble expert and a strong focus on teamwork is a must.

Responsibilities:

  • Develop custom reports based on incident data from multiple sources, including network appliances, threat intelligence, network sensors, and external intelligence feeds
  • Present technical material in clear, organized briefing formats to both technical and non-technical personnel
  • Advise clients on best practices in terms of forensics and incident response tools, techniques, and procedures
  • Be able to support clients and stakeholders working in various sectors with different business objectives
  • Identify opportunities to integrate FireEye Mandiant appliances with other security products in customer’s networks
  • Develop custom incident reports and other custom configurations / use cases for FireEye Mandiant products within the customer’s environment
  • Help determine the extent of incident compromises, malware attributes, and possible data exfiltration
  • Develop, document, and manage incident containment activities for clients.
  • Maintain current knowledge of tools and best practices regarding advanced persistent threats; tools, techniques, and procedures of attackers; and forensics and incident response processes

Qualifications

Qualifications:

  • A minimum of 3 years ofexperience in an analytical role of either network forensics analyst, threat analyst, incident response or security engineer / consultant
  • Experience developing and managing incident response programs
  • Expertise in analysis of TCP/IP network communication protocols
  • Experience conducting analysis of electronic media, packet capture, log data, and network devices supporting intrusion analysis or enterprise security operations
  • Experience with advanced computer exploitation methodologies
  • Demonstrated ability to make decisions on remediation and countermeasures for challenging information security threats
  • Ability to synthesize data from multiple sources and present concise, relevant information to a non-technical audience
  • Experience with a scripting language such as Perl, Python, or other scripting language in an incident handling environment, a plus
  • Strong written and oral communication skills
  • Reliable team player

Preferred Qualifications:

  • Ability to work onsite in New York City, as required
  • Ability to travel up to 25%
  • One or more of the following technical certifications: GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), EnCE or equivalent certifications in these areas
  • Excellent communication and presentation skills with the ability to present to a variety of external audiences, including being able to interact with senior executives
  • Strong leadership skills with the ability to prioritize and execute in a methodical and disciplined manner
  • Excellent knowledge of current information security solutions and technologies, including network and host-based products
  • Experience implementing NIST information security guidelines in a diverse network environment
  • Experience and knowledge of packet flow/TCP/UDP traffic, firewall technologies, proxy technologies, anti-virus, spam and spyware solutions (Gateway and SaaS)
  • Malware/security experience
  • Programming / scripting skills, highly desired
  • Experience with Google Suite and Microsoft Office
  • Prior experience working with state, local or federal government organizations is a plus
  • Ability to obtain a security clearance is a plus
  • Eligible to work in the US without sponsorship is a plus

Additional Information

At FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.


Related jobs

Report job