The Mandiant Consulting team is seeking a passionate and highly skilled Lead Cybersecurity Analyst to support a critical customer mission. The Consultant will work closely with the customer’s executive and technical teams to help develop and implement operational and security enhancement strategies associated with findings from current ongoing projects and future strategic roadmaps. In addition, the Consultant will provide ongoing malware analysis and remediation services, infrastructure analysis, breach detection, tabletop exercises and after action reports to a strategic customer.
What You Will Do:
- Utilize your skills to help customers build and operate their own advanced threat detection capability and help to respond to events in their environment
- Leverage your security and consulting skills to operate long-term projects focusing on security operations, security event monitoring, and/or computer incident response
- Conduct real-time analysis using the SIEM, Endpoint and Network based technologies, and other security analytics tools with a focus on identifying security events and false positives
- Analyze potential security incidents and escalate to a Mandiant SOC Lead Analyst for further triage or analysis.
- Provide guidance on building and/or maturing information security programs, responding to and remediating computer security incidents, and operation of tools and technologies used for enterprise security
- Interface with clients to address concerns or escalations; track and drive to closure any issues that impact the service and its value to clients
- Develop custom support documentation, best practices documentation, playbooks, briefing materials, technical notes, presentations, and other customized documentation that is specified by the Customer
- Triage and escalation of security events and vulnerabilities within the following cybersecurity domains: Threat Intelligence, Security Analytics, Communication and Network, Advanced Fraud, Identity and Access Management, Asset Security, Cloud and Mobile Environments, Application / Data / Endpoint monitoring, Security Assessment
- Interface with Customer to address challenges, concerns, issues, or escalations; track and drive to closure any issues that impact the service
- Oversee and demonstrate creative solutions while aligning with Mandiant’s business processes, methodologies, and client communication methods
- 5+ years of experience in information security, threat hunting, incident response or similar
- Experience with the critical tools used in security event analysis, incident response, computer forensics, malware analysis, or other areas of security operations
- Expertise and knowledge of firewall technologies, IDS technologies, proxy technologies, Active Directory (AD) and malware/antivirus solutions.
- Experience with at least three of the following:
- Windows disk and memory forensics
- Network Security Monitoring (NSM), network traffic analysis, and log analysis
- Unix or Linux disk and memory forensics
- Static and dynamic malware analysis
- Fundamental understanding of network protocols
- Understanding of cyber security operations, event monitoring, and SIEM tools
- Familiarity with Unix and Windows operating systems and administrative tools
- Understanding of security controls for common platforms and devices, including Windows, Unix, Linux, and network equipment
- Must be able to work onsite
- Must be eligible to work in the US without sponsorship
- Effectively communicating investigative findings and strategies to technical staff, executive leadership, legal counsel, and internal and external clients
- Effectively develop documentation and explain technical details in a concise, understandable manner
- Strong time management skills to balance time among multiple tasks, and lead junior staff when required
As a U.S. federal contractor, Mandiant has adopted a COVID-19 Vaccination Policy to comply with our obligations under applicable laws and requirements. This position may be covered under Mandiant’s COVID-19 Vaccination Policy, as required in order to support federal contracts, access company offices and/or attend in-person meetings and work events. If covered under this policy, proof of vaccination against COVID-19 may be required as a condition of hire.
At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.