Incident Response Analyst, Managed Defense at Mandiant

Orlando, FL
Full Time
3y ago

Company Description

Since 2004, Mandiant has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.

Job Description

As a Managed Defense Security Analyst, you will be responsible for detecting and responding to cyber-attacks at many of the world’s top companies. Your focus will be on host and network analysis, turning over every stone looking for signs of intrusion, malware execution, and attacker activity. You will be part of an incredible team of analysts who work tirelessly to apply their security and response expertise in conjunction with Mandiant’s intelligence to deliver a high-impact, high-value service to Managed Defense customers, providing answers, not alerts. Please note that the ideal candidate for this role must be able to work in PST.

What You Will Do:

  • Monitor security appliances and provide advanced detection and response service through security event analysis and review
  • Perform live response data collection and analysis on hosts of interest in an investigation
  • Collate and analyze relevant events from host and network device log files
  • Perform incident response and basic malware analysis to investigate incidents
  • Help determine the scope of the compromise, activity associated with any malware, and assess customer impact
  • Maintain current knowledge of tools and best practices in forensics and incident response, and an understanding of advanced persistent threats, including the tools, techniques, and procedures of attackers

Qualifications

Requirements:

  • Functional knowledge of incident response, proper handling of forensic data, and the ability to provide meaningful recommendations for remediation and attack prevention
  • Experience reviewing and analyzing raw log files (e.g. firewall, network flow, IDS, system logs) and performing data correlation is preferred
  • Experience with Wireshark, PowerShell, and various scripting languages
  • Understanding of forensic artifacts found within multiple operating systems and command line tools
  • A solid foundation in networking fundamentals, with a basic understanding of TCP/IP and other core protocols
  • Knowledge of network-based services and client/server applications
  • Basic knowledge of both static and dynamic malware analysis

Additional Qualifications:

  • Must be eligible to work in the US without sponsorship
  • Exemplary communication and interpersonal skills
  • The ability to clearly and concisely document and explain technical details
  • Due to the sensitive nature of many Managed Defense customers, additional background checks may be required for access to customer data

Additional Information

At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

Minimum Salary: $85,000. Final salary will be determined commensurately with cost of living, experience level, and/or any other legally permissible considerations.

Incentive Compensation: Eligibility for annual bonus subject to individual and company performance; eligibility for award of Restricted Stock Units subject to eligibility requirements, approval from Mandiant’s Compensation Committee, and vesting terms

Benefits: Employer subsidized benefits include Medical, Dental, Vision, Life, and Disability Insurance. Subject to eligibility requirements, Mandiant also offers the ability to participate in 401(k), Flexible Spending Accounts, Health Savings Accounts, Dependent Care Spending Accounts, and Employee Stock Purchase Program. Mandiant also provides Paid Time Off, Flexible Paid Sick Time, and Paid Holidays.

*Disclosure as required by sb19-085 (8-5-20)

By: Onkar