Security Analyst, Managed Defense - #19544044
FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. Learn more about FireEye's world-class solutions and global footprint at https://www.fireeye.com/company.html
FireEye Mandiant Managed Defense is a Managed Detection and Response (MDR) service that combines industry-recognized cyber security expertise, FireEye technology, and unparalleled knowledge of attackers to identify threats early in the attacker lifecycle and minimize the potential impact of a breach. Mandiant Managed Defense is continuously fueled by the industry’s largest global cyber threat intelligence capability, which harnesses machine, campaign, adversary and victim intelligence gained from the frontlines of the world’s most consequential cyber-attacks, enabling us to reveal even the most sophisticated attacker.
As a Managed Defense Security Analyst, you will be responsible for detecting and responding to cyber-attacks at many of the world’s top companies. Your focus will be on host and network analysis, turning over every stone looking for signs of intrusion, malware execution, and attacker activity. You will be part of an incredible team of analysts who work tirelessly to apply their security and response expertise in conjunction with FireEye’s intelligence to deliver a high impact and value service to Managed Defense customers, providing answers, not alerts.
What You Will Do:
- Monitor security appliances and provide advanced detection and response service through security event analysis and review
- Perform live response data collection and analysis on hosts of interest in an investigation
- Collate and analyze relevant events from host and network device log files
- Perform incident response and basic malware analysis to investigate incidents
- Help determine the scope of the compromise, activity associated with any malware, and assess customer impact
- Maintain current knowledge of tools and best practices in forensics and incident response, and an understanding of advanced persistent threats, including the tools, techniques, and procedures of attackers
- Functional knowledge of incident response, proper handling of forensic data, and the ability to provide meaningful recommendations for remediation and attack prevention
- Experience reviewing and analyzing raw log files (e.g. firewall, network flow, IDS, system logs) and performing data correlation is preferred
- Experience with Wireshark, PowerShell, various scripting languages, and familiarity with FireEye tools and products
- Understanding of forensic artifacts found within multiple operating systems and command line tools
- A solid foundation in networking fundamentals, with a basic understanding of TCP/IP and other core protocols
- Knowledge of network-based services and client/server applications
- Basic knowledge of both static and dynamic malware analysis
- Must be eligible to work in the US without sponsorship
- Exemplary communication and interpersonal skills
- The ability to clearly and concisely document and explain technical details
- Due to the sensitive nature of many Managed Defense customers, additional background checks may be required for access to customer data
At FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.