Sorry, this listing is no longer accepting applications. Don’t worry, we have more awesome opportunities and internships for you.

Principal Incident Response Consultant

FireEye, Inc.

Principal Incident Response Consultant

Alexandria, VA
Full Time
Paid
  • Responsibilities

    Job Description

    FireEye Mandiant has been at the forefront of cyber security and cyber threat intelligence since 2004. Our incident responders have been on the frontlines of the world’s most complex breaches worldwide. We have a deep understanding of both existing and emerging threat actors, as well as their rapidly changing tools, tactics and procedures. This enables us to see the big picture, understanding evolving attacker behavior and motivations in a way others cannot.

    Interested in investigating computer crimes and breaches that make the headlines – and many more that don’t? Can you think like an attacker to stay one step ahead of them, or understand the operational security controls needed to detect, remediate, and prevent compromises? The FireEye Mandiant Consulting team is seeking a strong technical lead to manage large, client-facing projects and train/mentor other security consultants.  The successful candidate will possess sound business acumen, strong consulting skills, current technical skills and be adept in leading multiple projects under tight deadlines. 

    WHAT YOU WILL DO:

    • Conduct host forensics, network, forensics, log analysis, and malware triage in support of incident response investigations
    • Utilize Mandiant and FireEye technology to conduct large-scale investigations and examine endpoint and network-based sources of evidence
    • Recognize and codify attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations
    • Build scripts, tools, or methodologies to enhance Mandiant’s incident investigation processes
    • Develop and present comprehensive and accurate reports, trainings and presentations for both technical and executive audiences
    • Effectively communicate investigative findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel
    • Work with clients security and IT operations teams to implement remediation plans in response to incidents
    • Assist with scoping prospective engagements, participating in investigations from kickoff through remediation, and mentoring less experienced staff
  • Qualifications

    Qualifications

    REQUIREMENTS:

    • Bachelor's degree in a technical field
    • Minimum 7 years of comparable experience
    • Experience with at least three of the following:
      • Windows disk and memory forensics
      • Network Security Monitoring (NSM), network traffic analysis, and log analysis
      • Unix or Linux disk and memory forensics
      • Static and dynamic malware analysis
    • Applied knowledge in at least one scripting or development language (such as Python)
    • Thorough understanding of enterprise security controls in Active Directory / Windows environments
    • Experience with hands-on penetration testing against Windows, Unix, or web application targets

    ADDITIONAL QUALIFICATIONS:

    • Ability to travel up to 30%
    • Ability to successfully interface with clients (internal and external)
    • Ability to document and explain technical details in a concise, understandable manner
    • Ability to manage and balance own time among multiple tasks, and lead junior staff when required
    • Must be able to work in the US without sponsorship

    Additional Information

    _All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability. _