Incident Response Analyst- Managed Defense

FireEye Mandiant Managed Defense is a Managed Detection and Response (MDR) service that combines industry-recognized cyber security expertise, FireEye technology, and unparalleled knowledge of attackers to identify threats early in the attacker lifecycle to minimize the potential impact of a breach. Mandiant Managed Defense is continuously fueled by the industry’s largest global cyber threat intelligence capability that harnesses machine, campaign, adversary and victim intelligence gained from the frontlines of the world’s most consequential cyber-attacks enabling us to reveal even the most sophisticated attacker.

As a Managed Defense Security Analyst, you will be responsible for detecting and responding to cyber-attacks at many of the world’s top companies. Your focus will be on host and network analysis, turning over every stone looking for signs of intrusion, malware execution, and attacker activity. You will be part of an incredible team of analysts who work tirelessly to apply their security and response expertise in conjunction with FireEye’s intelligence to deliver a high impact and value service to Managed Defense customers, providing answers, not alerts. Please note that the ideal candidate for this must be able to work in PST. 

What You Will Do:

• Monitor security appliances and provide advanced detection and response service though security event analysis and review
• Perform live response data collection and analysis on hosts of interest in an investigation
• Collate and analyze relevant events from host and network device log files
• Perform incident response and basic malware analysis to investigate incidents
• Help determine the scope of the compromise, activity associated with any malware, and assess customer impact
• Maintain current knowledge of tools and best-practices in forensics and incident response and an understanding of advanced persistent threats, including: tools, techniques, and procedures of attacker

Requirements:

• Functional knowledge of incident response, proper handling of forensic data, and the ability to provide meaningful recommendations for remediation and attack prevention
• Experience reviewing and analyzing raw log files (e.g. firewall, network flow, IDS, system logs) and performing data correlation is preferred
• Experience with Wireshark, PowerShell, various scripting languages, and familiarity with FireEye tools and products
• Understanding of forensic artifacts found within multiple operating systems and command line tools
• A solid foundation in networking fundamentals, with a basic understanding of TCP/IP and other core protocols
• Knowledge of network-based services and client/server applications
• Basic knowledge of both static and dynamic malware analysis

Additional Qualifications:

• Must be eligible to work in the US without sponsorship
• Exemplary communication and interpersonal skills
• The ability to clearly and concisely document and explain technical details
• Due to the sensitive nature of many Managed Defense customers, additional background checks may be required for access to customer dataAt FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

At FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

Minimum Salary: $85,000. Final salary will be determined commensurately with cost of living, experience level, and/or any other legally permissible considerations.

Incentive Compensation: Eligibility for annual bonus subject to individual and company performance; eligibility for award of Restricted Stock Units subject to eligibility requirements, approval from FireEye’s Compensation Committee, and vesting terms

Benefits: Employer subsidized benefits include Medical, Dental, Vision, Life, and Disability Insurance. Subject to eligibility requirements, FireEye also offers the ability to participate in 401(k), Flexible Spending Accounts, Health Savings Accounts, Dependent Care Spending Accounts, and Employee Stock Purchase Program. FireEye also provides Paid Time Off, Flexible Paid Sick Time, and Paid Holidays.

*Disclosure as required by sb19-085 (8-5-20)