Incident Response Remediation - Enterprise Architect

FireEye Mandiant Security Consulting Services ensures the long-term success of our clients by providing talented, passionate, and specialized security expertise. Our Consultants partner with FireEye clients to evaluate, create, develop, improve, and mature information security operations and programs. By utilizing the latest industry standards and combining experience and knowledge gained from Mandiant Incident Response, Intelligence and Managed Defense practices, we are able to develop defense forward information security programs for our clients.

Mandiant seeks a Remediation Consultant with strong technical skills and an eagerness to lead projects and work with our clients. Candidates will need to apply their Active Directory, network architecture, security hardening, and logging enforcement skills to assist clients with containment and remediation workstreams. Our consultants must be comfortable working in teams to tackle challenging projects, communicating with clients, providing hands-on assistance with containment and remediation activities, and creating and presenting high-quality deliverables. 

What You Will Do: 

• Conduct Incident Response containment and remediation engagements for clients 
• Create and document detailed remediation guides and tracking documents, for clients to leverage to prepare for and execute a coordinated remediation event 
• Design and assist clients with network architecture enhancements and configuration modifications to defend against identified threats and attacker techniques 
• Recommend and document specific counter-measures and mitigating controls 
• Articulate FireEye & Mandiant’s combined capabilities in marketing discussions, proposal efforts, and capability briefings 
• Develop comprehensive and accurate reports and presentations for both technical and executive audiences 
• Effectively communicate remediation strategies and workstreams to client stakeholders including technical staff, executive leadership, and legal counsel 

Minimum Requirements:

• 5+ years of information security experience
• Must be eligible to work in the US without sponsorship
• 4+ years experience in at least three of the following areas:
  • Lead system administrator or network engineer in an enterprise environment
  • Working with enterprise security controls in Active Directory / Windows environments
  • Active Directory Trusts and Architectures
  • Privileged Access Management best practices
  • Windows and Unix endpoint hardening and security control enforcement
  • Implementation and enforcement of technologies such as Credential Guard and Device Guard
  • Working with enterprise networking and knowledge of network segmentation strategies
  • Implementation and management for both network and host-based firewall configurations
  • Implementing logging configurations for network devices and Windows and Unix endpoints
  • PowerShell scripting

Additional Qualifications:

• Prior training and public speaking engagement experience
• Ability to successfully interface with clients and manage expectations
• Ability to document and explain technical details in a clear and concise manner
• Ability to lead a team of highly technical security professionals 
• Willingness to travel up to 50%, when travel resumes

At FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

Minimum Salary: $120,000. Final salary will be determined commensurately with cost of living, experience level, and/or any other legally permissible considerations. 

Incentive Compensation: Eligibility for annual bonus subject to individual and company performance; eligibility for award of Restricted Stock Units subject to eligibility requirements, approval from FireEye’s Compensation Committee, and vesting terms  

Benefits: Employer subsidized benefits include Medical, Dental, Vision, Life, and Disability Insurance. Subject to eligibility requirements, FireEye also offers the ability to participate in 401(k), Flexible Spending Accounts, Health Savings Accounts, Dependent Care Spending Accounts, and Employee Stock Purchase Program. FireEye also provides Paid Time Off, Flexible Paid Sick Time, and Paid Holidays.  

*Disclosure as required by sb19-085 (8-5-20)