Senior IR Advisor -

Interested in leading diverse technical teams who investigate computer crimes, eradicate threat actors, and remediate victim environments? Can you think like an attacker to stay one step ahead, or understand the operational security controls needed to detect, remediate, and prevent compromises? Mandiant seeks Incident Response and Remediation Project Managers with strong communication skills, technical tracking capabilities, and an eagerness to lead projects in support of clients actively facing adversity. Our consultants must be comfortable working in teams to tackle challenging projects, communicating with clients, expediting assistance with containment and remediation activities, as well as creating and presenting high-quality deliverables.  This role will need to quickly assess victim needs, engage diverse Mandiant resources, and work with internal and external stakeholders to take our clients from impacted to resilient.

Responsibilities:

• Lead and provide guidance to clients for Incident Response, containment, and remediation activities
• Provide project management and governance for large-scale Incident Response Remediation engagements, consisting of multiple workstreams and resource assignments
• Effectively communicate remediation strategies and workstreams to client stakeholders including technical staff, executive leadership, and legal counsel
• Identify client internal stakeholders, build relationships of trust, anticipate long term needs, translate to Mandiant services, rally resources and foster opportunities
• Validate and track completion of detailed remediation tasks
• Advise clients on tactical implementation of critical tasks, including threat actor containment, eradication, and environment recovery
• Review and assist clients with implementing hardening controls across diverse technologies including Active Directory
• Engage teams to plan and coordinate enterprise-scale password resets across multi-domain trust environments
• Develop comprehensive and accurate reports and presentations for both technical and executive audiences
• Assist with scoping prospective engagements, participating in engagements from kickoff through full remediation, and mentoring less experienced staff

• Bachelor’s degree in a technical field
• Minimum 5 years of comparable experience; minimum 8 years of experience if no degree 
• 5+ years of experience in at least five of the following areas:
  • Developed information security related project plans and led teams to implement technical recommendations
  • Documented project requirements that clearly define scope in terms of cost, schedule, technical deliverables, and milestones
  • Understanding of enterprise security controls in Active Directory / Windows environments
  • Understanding of Privileged Access Management best practices
  • Understanding of  Windows and Unix endpoint hardening and security control enforcement
  • Understanding of enterprise networking and knowledge of network segmentation strategies
  • Expertise in developing strategies for network and host-based firewall configurations
  • Expertise in developing strategies for logging configurations of network devices, Windows and Unix endpoints

Additional Qualifications:

• Willingness to travel up to 30%
• Ability to successfully interface with both internal and external clients
• Ability to document and explain technical details in a concise, understandable manner
• Ability to manage and balance own time among multiple tasks, and lead junior staff when required

At FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

This is a regionally-based role and candidates must be located in the Central Region of the United States, including Texas, Illinois, Wisconsin, Minnesota and other states within the central time zone.