Work in Washington Veterans Jobs

Job Information

Mandiant, Inc. Principal Incident Response Consultant (Remote - West Region, US) in Seattle, Washington

Company DescriptionSince 2004, Mandiant has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant's approach helps organizations develop more effective and efficient cyber security programs and instillsconfidence in their readiness to defend against and respond to cyber threats.Job DescriptionMandiant Services provides industry-leading incident response, assessment, transformation, managed detection and response, and training services with hands-on tactical support. Mandiant helps organizations effectively detect and respond to threats and reduce overall impact of business risk before, during, and after an incident. Our world class incident responders are able to resolve security incidents quickly, effectively and at scale with complete incident response including investigation, containment, remediation, and crisis management.The Mandiant Incident Response team is seekinga strong technical lead to manage large, client-facing projects and train/mentor other security consultants. In this role, you will use yourdeep understanding of both existing and emerging threat actors, as well as experienceidentifyingrapidly changing tools, tactics and proceduresof attackers. You must be able to see the big picture, understanding evolving attacker behavior and motivations, participate and manage large client-facing projects, and help to train/mentor other security consultants.The successful candidate will possess sound business acumen, strong consulting skills, current technical skills and be adept in leading multiple projects under tight deadlines. If you are interested in investigating computer crimes and breaches that make the headlines - and many more that don't,then this opportunity is for you.What You Will Do:Lead large, client-facing projects while mentoring/training junior team membersConduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigationsUtilize Mandiant and FireEye technology to conduct large-scale investigations and examine endpoint and network-based sources of evidenceRecognize and codify attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigationsBuild scripts, tools, or methodologies to enhance Mandiant's incident investigation processesDevelop and present comprehensive and accurate reports, trainings and presentations for both technical and executive audiencesWork withclientssecurity and IT operations teams to implement remediation plans in response to incidentsQualificationsMinimum Requirements:7+ years of comparable experienceExperience with at least three of the following:Windows disk and memory forensicsNetwork Security Monitoring (NSM), network traffic analysis, and log analysisUnix or Linux disk and memory forensicsStatic and dynamic malware analysisExperience and understanding of enterprise security controls in Active Directory/Windows environmentsExperience building scripts, tools, or methodologies to enhance investigation processesExperience leading external client engagementsMust be able to work in the US without sponsorshipDesired Qualifications:Ability to travel up to 30% when travel resumesEffectively communicating investigative findings and strategies totechnical staff, executive leadership, legal counsel, and internal and external clientsEffectively develop documentation and explain technical details in a concise, understandable mannerStrong time management skills to balance time among multiple tasks, and lead junior staff when required