Company Description
FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. Learn more about FireEye's world-class solutions and global footprint at https://www.fireeye.com/company.html.
Job Description
Mandiant is a recognized leader in cyber security expertise and has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that FireEye knows more about today's advanced threats than anyone. Mandiant partners with Federal Governments across the globe to protect their national security interests, guard nation-state secrets, and defend critical infrastructure from cyber-attacks. Our experience has provided us with a unique understanding of the challenges Federal Governments face, and we systematically align our solution and product development cycles to meet their needs. FireEye Mandiant isn’t just focused on one threat vector or adversary type. We counter all evolving cyber threats facing public and private sector organizations around the globe.
The Insider Threat Analyst will provide day-to-day insider threat subject matter expert services for federal and commercial clients. The focus will be on insider threat program build-out, tool deployments, and investigations, applying strong problem-solving skills and communicating effectively with people at various levels to help leadership make timely and well-thought-out decisions. This role will work cross-functionally with peers on other teams, such as intelligence and SOC analysts. This role is considered a subject matter expert for insider threat analysis.
What You Will Do:
Provide guidance on building and/or maturing insider threat programs, detecting and responding to computer security incidents, and implementation of tools and technologies used for enterprise security
Evaluate client needs, coordinate design for an insider threat solution, and clearly communicate the value proposition of implementation
Implement and/or assess existing security controls
Provide expert level knowledge of tools and technologies used for enterprise insider threat
Hands-on analysis and insider threat investigations, including intelligence collection and forensics activities, leveraging DLP, UBA, SIEM, EDR, and Mandiant proprietary tools
Maintain all client technology and Mandiant test labs, as appropriate
Primary work location: Reston, VA (Remote)
Qualifications
Excellent written and verbal communication skills
Bachelor’s degree in an IT-related field or equivalent experience
Provide expert experience building security programs to include hands-on implementation and/or assessment of security controls
Provide expert in-depth knowledge in collecting, analyzing, and escalating security events; responding to insider incidents, and/or collecting, analyzing, and disseminating insider threat intelligence
Interaction with C-level executives
Quickly master, simplify, and communicate the value proposition of complex subjects to clients
Use formal project management skills in planning, tracking, and reporting on project progress
Evaluate customer needs, coordinate design for an insider threat solution, and clearly communicate solutions
Thorough understanding of cyber security operations, event monitoring, backup tooling, and SIEM tools
Familiarity with security bypasses and backdoors to security controls as investigation points
Familiarity with cloud technologies such as Microsoft Azure and Amazon Web Services
Minimum of six years of relevant experience in cybersecurity
Minimum of three years in use and system administration of insider threat tools such as SIEM, DLP, and UBA
Additional Qualifications:
Provide expert level knowledge of insider threat tools and technologies used for enterprise security
Bi-/Multi-lingual (languages of highest need include Spanish, Russian, Chinese, and Arabic)
Law Enforcement (LE) background is preferred
Intelligence background within DoD or equivalent is preferred
Additional Information
At FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability. This is a regionally-based role that must be located in the Southeast region of the US with preference to Virginia, Maryland, and Washington DC.