Mandiant Incident Response & Remediation Internship - Summer 2022



Seattle, WA
Full Time
1y ago

Company Description

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. Learn more about FireEye's world-class solutions and global footprint at

Job Description

Mandiant’s Security Transformation Services practice helps organizations respond to breaches as well as build an effective security program that minimizes organizational risk and reduces the impact of security breaches. With a targeted focus in infrastructure and architecture, our consultants work from initial assessment, remote workshops to explore a client’s environment, configuration review of security controls, to detailed practical technical recommendations to harden the environment, enhance visibility and detection, and improve processes to reduce the risk of compromise.

A successful Security Transformation Services (STS) intern at Mandiant should possess an understanding of core information and cyber security principles. They should understand basic concepts such as network security, infrastructure security, identity and access management, and operating system/domain functionalities, and be able to learn advanced concepts such as on-prem and cloud secure architecture and design concepts, working with enterprise security controls, and building methodologies to enhance engagement processes.

As a Mandiant intern, you’ll get hands-on experience with complex problems daily. We help our clients protect their most sensitive and valuable data through comprehensive and real-world scenario testing.

This is not a “press the button” type of job; this career is technical and challenging with opportunities to work in some of the most exciting areas of security consulting on extremely technical and challenging work. You will be building up a foundation in responding to and remediating impactful cyber breaches. If you can think like an attacker, stay one step ahead, think well outside the box, or are astute enough to quickly learn these skills, then you’re the type of consultant we’re looking for.

To be successful, you will quickly assimilate new information as you face new client environments on a weekly or monthly basis. You will understand all the threat vectors to each environment and properly assess them. You will get to work with some of the best security minds in the industry, causing you to develop new skills as you progress through your career. Are you up to the challenge?

What You Will Do:

  • Conduct an analysis of both on-prem and cloud infrastructures in order to discover misconfigurations of a client’s environment
  • Provide detailed recommendations to clients on how to remediate after a security event or security misconfiguration
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences
  • Effectively communicate and discuss findings and strategy with internal stakeholders including leadership and technical team members
  • Develop scripts, tools, or methodologies to enhance processes and capabilities related to Incident Response Remediation support or proactive security assessments


Minimum Requirements:

  • 1+ years' experience, via internships, classes, projects and similar, in at least two of the following:
    • Cloud Platforms such as AWS, GCP, Azure, or OCI
    • Active Directory – Domain Services, Users and Computers, or Sites and Services
    • Command-line (Windows or Linux) or cmdlets using PowerShell
    • Shell scripting or automation of simple tasks using Perl, Python, or Ruby
    • Source code review for control flow and security flaws
    • Automation tools such as Chef, Puppet, Ansible
    • Solid understanding of coding practices in Git
  • 1+ years' experience in either of the following areas:
    • Tools used for attacking networks and Active Directory
    • Tools used for log collection, review, and analysis
    • Tools used for forensic collection and analysis
  • Understanding of network protocols, TCP/IP networking, and encryption
  • Understanding of Unix/Linux/Mac/Windows operating systems
  • Must be eligible to work in the US without sponsorship

Preferred Qualifications:

  • Prior experience in a technical security internship
  • Experience in security competitions, CTFs and/or testing platforms such as Hack the Box, TryHackMe, OverTheWire, etc.
  • Related projects around cybersecurity, programming, etc.
  • Strong technical acumen and ability to quickly assimilate new information
  • Time management skills to balance time among multiple tasks and priorities
  • Ability to successfully interface with clients (internal and external) and manage expectations of others
  • Ability to document and explain technical details in a concise, understandable manner

Additional Information

At FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

Minimum Hourly Rate: $25. Final rate will be determined commensurately with cost of living, experience level, and/or any other legally permissible considerations. 

Benefits: Employer subsidized benefits include Medical Insurance. FireEye also provides Flexible Paid Sick Time and Paid Holidays.  

*Disclosure as required by sb19-085 (8-5-20)

By: Onkar