Principal Security Analyst, Advanced Analysis Team at Mandiant

Reston, VA
Full Time
3y ago

Company Description

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. Learn more about FireEye's world-class solutions and global footprint at https://www.fireeye.com/company.html.

Job Description

The Managed Defense Advanced Analysis team protects Managed Defense customers through the implementation of proactive hunting techniques and serves as the last line of defense during computer intrusions through rapid incident response support.

We are looking for highly motivated and technical analysts with experience in incident response, computer forensics, and threat hunting to continually improve our ability to protect organizations against the world’s most advanced attackers.

What You Will Do:

  • Perform continuous hunting activities within Managed Defense customer environments for previously unidentified threats
  • Utilize Mandiant and FireEye technology to conduct investigations and examine endpoint and network-based sources of evidence.
  • Research and incorporate relevant threat intelligence during an investigation and in written and verbal reports
  • Build scripts, tools, or methodologies to enhance Managed Defense’s threat hunting processes.
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
  • Maintain current knowledge of tools and best practices in advanced persistent threats; tools, techniques, and procedures (TTPs) of attackers; and forensics and incident response

Qualifications

Minimum Requirements:

  • 5+ years in a hands-on technical role of network forensic analyst, host forensics analysis, incident responder or similar functions. 
  • 5+ years of experience with and knowledge of packet flow, TCP/UDP traffic, Security Incident Event Monitoring (SIEM) Tools, IDS technologies (e.g., Snort rules), proxy technologies, antivirus solutions, and other enterprise security operations tools
  • 5+ years of experience conducting analysis of electronic media, packet capture, log data and network devices in support of intrusion analysis or enterprise level information security operations

Desired Qualifications:

  • Demonstrated ability to make decisions on remediation and countermeasures for challenging information security threats
  • The ability to document and explain technical details clearly and concisely
  • Strong technical leadership skills with the ability to prioritize and execute in a methodical and disciplined manner, as well as to set and manage expectations of team members
  • Understanding of Windows operating systems and command line tools.
  • Experience with a programming/scripting language such as Python in an incident handling environment
  • Reverse engineering of malware, both dynamic and static analysis
  • Excellent communication and presentation skills with the ability to present to a variety of external audiences, including senior executives

Additional Information

At FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

Minimum Salary: $100,000. Final salary will be determined commensurately with cost of living, experience level, and/or any other legally permissible considerations. 

Incentive Compensation: Eligibility for annual bonus subject to individual and company performance; eligibility for award of Restricted Stock Units subject to eligibility requirements, approval from FireEye’s Compensation Committee, and vesting terms  

Benefits: Employer subsidized benefits include Medical, Dental, Vision, Life, and Disability Insurance. Subject to eligibility requirements, FireEye also offers the ability to participate in 401(k), Flexible Spending Accounts, Health Savings Accounts, Dependent Care Spending Accounts, and Employee Stock Purchase Program. FireEye also provides Paid Time Off, Flexible Paid Sick Time, and Paid Holidays.  

*Disclosure as required by sb19-085 (8-5-20)  

By: Onkar