Incident Response Consultant

FireEye, Inc. (Munich, Germany) Published 10 days ago

Company Description

FireEye is the leader in intelligence-led security-as-a-service. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,500 customers across 67 countries, including more than 50 percent of the Forbes Global 2000.

Job Description

FireEye Mandiant is focused on the long-term success of our customers by providing talented, passionate, and specialized security monitoring, threat intelligence, and incident management consulting expertise. We are looking for a motivated and experienced Incident Response Consultant with a great technical background and customer-facing delivery experience to help customers respond to the most sophisticated attacks and to help continually improve our own program methodology. The successful candidate will possess strong consulting skills and in-depth experience in security operations, cyber threat intelligence, and computer incident response.

What you will do:

  • Host- and network-based forensic investigations
  • Develop custom reports based on data from multiple sources, including FireEye appliances, FireEye threat intelligence, network sensors, and outside intelligence feeds
  • Present technical material in a clear, organized briefing to a mix of technical and non-technical personnel
  • Fully scope and present findings for a broad range of incidents, from nation-state APT to financially motivated cybercrime incidents
  • Develop, document, and manage a containment and remediation strategy for customers
  • Maintain current knowledge of tools and best practices in advanced persistent threats; tools, techniques, and procedures of attackers; and forensics and incident response

Requirements:

  • Experience in an analytical role as a network forensics analyst, threat analyst, incident responder, or security engineer/consultant
  • One or more of the following technical certifications: GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), EnCE or equivalent experience in these areas
  • Experience developing and managing incident response programs
  • Understanding of the workings and analysis of TCP/IP network communication protocols
  • Experience conducting analysis of electronic media, packet capture, log data, and network devices in support of intrusion analysis or enterprise level information security operations
  • Experience with advanced computer exploitation methodologies
  • Ability to integrate data from multiple sources and present concise, relevant information to a non-technical audience
  • Experience with FireEye products is desired
  • Experience with a scripting language such as Perl, Python, or other scripting language in an incident handling environment

Qualifications

  • Demonstrated ability to make decisions on remediation and countermeasures for challenging information security threats
  • Excellent communication and presentation skills with the ability to present to a variety of external audiences, including being able to interact with senior executives
  • Exceptional written communication
  • Strong leadership skills with the ability to prioritize and execute in a methodical and disciplined manner
  • Ability to set and manage expectations with senior stakeholders and team members
  • Excellent knowledge of current information security solutions and technologies, including network- and host-based products
  • Experience and knowledge of packet flow/TCP/UDP traffic
  • Experience in dynamic analysis of malware
  • Experience with a scripting language such as Perl, Python or other scripting language in an incident handling environment

