Senior Incident Response Consultant

Employment Type

: Full-Time

Industry

: Miscellaneous



Mandiant is a recognized leader in cyber security expertise and has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that FireEye knows more about today's advanced threats than anyone. Mandiant Consulting Services provides industry-leading incident response, assessment, transformation, managed detection and response, and training services with hands-on tactical support. Mandiant helps organizations effectively detect and respond to threats and reduce overall impact of business risk before, during, and after an incident. Our world class incident responders are able to resolve security incidents quickly, effectively and at scale with complete incident response including investigation, containment, remediation, and crisis management.

The Mandiant Incident Response team is seeking Consultants with deep understanding of both existing and emerging threat actors, as well as experience identifying rapidly changing tools, tactics and procedures of attackers. You must be able to see the big picture, understanding evolving attacker behavior and motivations, participate and manage large client-facing projects, and help to train/mentor other security consultants. The successful candidate will possess sound business acumen, strong consulting skills, current technical skills and be adept in leading multiple projects under tight deadlines. If you are interested in investigating computer crimes and breaches that make the headlines – and many more that don’t, then this opportunity is for you.

What You Will Do:

  • Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations
  • Utilize Mandiant and FireEye technology to conduct large-scale investigations and examine endpoint and network-based sources of evidence
  • Recognize and codify attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations
  • Build scripts, tools, or methodologies to enhance Mandiant’s incident investigation processes
  • Develop and present comprehensive and accurate reports, trainings and presentations for both technical and executive audiences
  • Work with clients security and IT operations teams to implement remediation plans in response to incidents
  • Requirements:

  • Bachelor’s degree in a technical field with minimum of 3 years of comparable experience
  • Experience with at least three of the following:Windows disk and memory forensicsNetwork Security Monitoring (NSM), network traffic analysis, and log analysisUnix or Linux disk and memory forensicsStatic and dynamic malware analysis
  • Thorough understanding of enterprise security controls in Active Directory/Windows environments
  • Experience building scripts, tools, or methodologies to enhance investigation processes
  • Additional Qualifications:

  • Ability to travel up to 30%
  • Effectively communicating investigative findings and strategies to technical staff, executive leadership, legal counsel, and internal and external clients
  • Effectively develop documentation and explain technical details in a concise, understandable manner
  • Strong time management skills to balance time among multiple tasks, and lead junior staff when required
  • Must be able to work in the US without sponsorship

  • Launch your career - Create your profile now!

    Create your Profile

    Loading some great jobs for you...