Principal Security Analyst, Advanced Analysis Team at Mandiant

New York, NY
Full Time
3y ago

Company Description

Since 2004, Mandiant has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.

Job Description

The Managed Defense Advanced Analysis team protects Managed Defense customers through the implementation of proactive hunting techniques and serves as the last line of defense during computer intrusions through rapid incident response support.

We are looking for highly motivated and technical analysts with experience in incident response, computer forensics, and threat hunting to continually improve our ability to protect organizations against the world’s most advanced attackers.

What You Will Do:

  • Perform continuous hunting activities within Managed Defense customer environments for previously unidentified threats
  • Utilize Mandiant and FireEye technology to conduct investigations and examine endpoint and network-based sources of evidence.
  • Research and incorporate relevant threat intelligence during an investigation and in written and verbal reports
  • Build scripts, tools, or methodologies to enhance Managed Defense’s threat hunting processes.
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
  • Maintain current knowledge of tools and best practices in advanced persistent threats; tools, techniques, and procedures (TTPs) of attackers; and forensics and incident response

Qualifications

Minimum Requirements:

  • 5+ years in a hands-on technical role as a network forensic analyst, host forensic analyst, incident responder, or similar function
  • 5+ years of experience with and knowledge of packet flow, TCP/UDP traffic, Security Incident Event Monitoring (SIEM) Tools, IDS technologies (e.g., Snort rules), proxy technologies, antivirus solutions, and other enterprise security operations tools
  • 5+ years of experience conducting analysis of electronic media, packet capture, log data and network devices in support of intrusion analysis or enterprise level information security operations

 

Desired Qualifications:

  • Demonstrated ability to make decisions on remediation and countermeasures for challenging information security threats
  • The ability to document and explain technical details clearly and concisely
  • Strong technical leadership skills with the ability to prioritize and execute in a methodical and disciplined manner, as well as to set and manage expectations with team members
  • Understanding of Windows operating systems and command line tools.
  • Experience with a programming/scripting language such as Python in an incident handling environment
  • Reverse engineering of malware, both dynamic and static analysis
  • Excellent communication and presentation skills with the ability to present to a variety of external audiences, including senior executives

Additional Information

At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

Minimum Salary: $100,000. Final salary will be determined commensurately with cost of living, experience level, and/or any other legally permissible considerations.

Incentive Compensation: Eligibility for annual bonus subject to individual and company performance; eligibility for award of Restricted Stock Units subject to eligibility requirements, approval from Mandiant’s Compensation Committee, and vesting terms

Benefits: Employer subsidized benefits include Medical, Dental, Vision, Life, and Disability Insurance. Subject to eligibility requirements, Mandiant also offers the ability to participate in 401(k), Flexible Spending Accounts, Health Savings Accounts, Dependent Care Spending Accounts, and Employee Stock Purchase Program. Mandiant also provides Paid Time Off, Flexible Paid Sick Time, and Paid Holidays.

*Disclosure as required by sb19-085 (8-5-20)

By: Onkar