Summary of Job Description
Whether you have a solid foundation in information technology and curiosity about emerging cyber security threats or have been “finding evil and solving crime” for years, we want to hear from you!
Join a new, quickly growing line of our business as an Event Analyst, Incident Analyst or Incident Handler. We have positions at all levels of experience for personnel operating strictly during business hours and also within a 24x7x365 shift-rotation security operations context with a focus in host-based analysis, network traffic analysis, or both.
As an Analyst or Handler in MCIRT, you will provide vital security services to MANDIANT clients (Fortune 500, Federal government agencies, etc.), review and validate emerging threats, follow established methodologies, recommend and promulgate process improvement, grow new service line capabilities, and author clear and concise client facing deliverables.
Essential Duties and Responsibilities
Review security-related events, assessing risk and validity, as well as reporting
Analyze host-based indicators of compromise or network traffic to assist in generating new attack signatures
Analyze additional log, forensic, malware or other IR-related data, as needed
Required Technical Skills
Understanding of Windows operating systems and command line tools, network protocols, TCP/IP fundamentals
Knowledge of network protocols, TCP/IP fundamentals
Knowledge of network based services and client/server applications
Familiarity with intrusion detection systems (e.g., snort) and tools (e.g., tcpdump, Wireshark)
Familiarity with network architecture and security infrastructure placement
Other Required Skills
Ability to successfully interface with clients
Ability to document and explain technical details clearly and concisely
Additional Skills that Will Distinguish Candidates
Experience with programming/scripting languages
Background in operational information security disciplines (e.g. incident response, security infrastructure management or monitoring services)
Background performing incident response and digital forensics
Experience in config/mgmt of feeds into event aggregation and correlation systems (e.g., Splunk, ArcSight)
Experience with improvement of analyst effectiveness by optimizing signature quality in collaboration with other analysts and developers
Background in systems administration for Windows and/or Unix based environments
Familiarity with host based security tools (e.g., EnCase, Forensic Toolkit)
BS or equivalent degree in Computer Science or related technical discipline
Event Analyst : 2+ years experience in hands-on technical work
Incident Analyst : 4+ years experience in hands-on technical work
2+ years experience in an information security discipline
Incident Handler : 5+ years experience in an information security discipline
2+ years experience in incident response
Redwood City, CA
- Mandiant does not sponsor employment-based visas.
MANDIANT - 18 months ago
Mandiant is the go-to company for the Fortune 500 and government agencies that want to protect their most valuable assets from advanced...