18 Jan
Senior Threat Research Analyst - Cloud
Reston, Virginia 20190, USA

Vacancy expired!

Job Description

As a Senior Threat Research Analyst, you will be researching threats against AWS, Microsoft Azure, and Google Cloud environments, and reproducing them with the Mandiant Security Validation platform, in order to enable customers to empirically measure and improve their defenses against attacks targeting their cloud environments.

Job responsibilities:

  • Research adversary tactics, techniques and procedures (TTPs) targeting cloud environments using open-source and FireEye resources
  • Create adversary emulations using Python and the BRT R&D lab
  • Provide feedback on product features and suggest enhancements to cloud validation functionality

Qualifications

  • Experience using Python, PowerShell, and Bash to write scripts and lightweight applications
  • Experience with cloud security or investigating attacks against cloud environments, including AWS, Microsoft Azure or Google Cloud
  • Comfortable using host command-line interfaces
  • Ability to manually triage malware and understand sandbox output
  • Previous experience in analyzing artifacts including malicious executables, scripts, documents, and packet captures
  • Understanding of the TCP/IP network stack and protocols, including HTTP and DNS
  • Historical knowledge of major cyber threat actors and malware families, especially

Additional qualifications:

  • Knowledge of security and compliance frameworks, including MITRE ATT&CK, NIST 800-53 and/or PCI
  • Ability to author, tune, and understand signatures from multi-vendor security products including Snort, YARA, Palo Alto Networks, Cisco Firepower, FireEye, Amazon GuardDuty, AWS CloudTrail and others

Additional Information

At FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.
