Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: InfoSec Jobs - Senior Incident Response Consultant Alexandria, VA GCFA, GNFA, GCFE, GCIA, or GCWN InfoSec Jobs

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This listing has expired and therefore is not publicly viewable.

Senior Incident Response Consultant
Company FireEye
Location Alexandria, VA
Preferred GIAC Certifications GCFA, GNFA, GCFE, GCIA, or GCWN
Travel 30%
Salary Not provided
Contact Name Jennifer Peyton
Contact Email jennifer.peyton/at/
Expires 2018-07-17

Job Description

The Company:

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 5,800 customers across 67 countries, including more than 40 percent of the Forbes Global 2000.

The Role:

Interested in investigating computer crimes and breaches that make the headlines – and many more that don’t? Can you think like an attacker to stay one step ahead of them, or understand the operational security controls needed to detect, remediate, and prevent compromises? The Mandiant Consulting team is seeking a strong technical lead to manage large, client-facing projects and train/mentor other security consultants. The successful candidate will possess sound business acumen, strong consulting skills, current technical skills and be adept in leading multiple projects under tight deadlines.

Conduct host forensics, network, forensics, log analysis, and malware triage in support of incident response investigations
Utilize Mandiant and FireEye technology to conduct large-scale investigations and examine endpoint and network-based sources of evidence
Recognize and codify attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations
Build scripts, tools, or methodologies to enhance Mandiant’s incident investigation processes
Develop comprehensive and accurate reports and presentations for both technical and executive audiences
Effectively communicate investigative findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel
Work with security and IT operations at clients to implement remediation plans in response to incidents
Assist with scoping prospective engagements, participating in investigations from kickoff through remediation, and mentoring less experienced staff
Provide training, present to small groups, and speak in public in venues such as conferences

Bachelor's degree in a technical field
At least three of the following:
Windows disk and memory forensics
Network Security Monitoring (NSM), network traffic analysis, and log analysis
Unix or Linux disk and memory forensics
Static and dynamic malware analysis
Applied knowledge in at least one scripting or development language (such as Python)
Thorough understanding of enterprise security controls in Active Directory / Windows environments
Experience with hands-on penetration testing against Windows, Unix, or web application targets
Minimum 5 years of comparable experience; minimum 8 years of experience if no degree
Must be eligible to work in the US without sponsorship

Additional Qualifications:
Ability to travel up to 30%
GCFA, GNFA, GCFE, GCIA, or GCWN preferred
Ability to successfully interface with clients (internal and external)
Ability to document and explain technical details in a concise, understandable manner
Ability to manage and balance own time among multiple tasks, and lead junior staff when required

All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.