Senior Threat Analyst

Company Description

Since 2004, Mandiant has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.

Job Description

Our threat analysts on the Advanced Practices’ team work at the intersection of incident response, security operations, detection engineering, and cyber threat intelligence was formed in 2015 to exclusively focus on the most difficult threats facing our clients and our company independent of product or business lines. 

We work with every other Mandiant team to track, correlate, attribute, detect, and collect on our adversaries using advanced analysis and deep research.  Advanced Practices codifies and makes actionable the knowledge from thousands of annual event responses, all available organic telemetry, and other novel sources and methods.  As an extension of this work, Advanced Practices acts as key practitioners driving Mandiant’s larger development for technology, process, and thought leadership.

You will track all impactful adversaries by collecting, modeling, and analyzing data originating from thousands of investigations conducted by Mandiant, third party telemetry, as well as novel sources and methods. Mandiant’s recently released campaigns feature in the Mandiant Advantage SaaS platform provides security professions with a quick way to stay updated on active campaigns affecting their industries and regions.

What You Will Do:

• Be the expert in tracking and assessing impactful adversaries
• Analyze technical data to extrapolate adversary methodologies and identifiable characteristics worthy of documenting and highlighting within tracked campaigns
• Fully exploit all available leads identified through investigations to provide a comprehensive understanding of the adversary’s activity in a holistic sense while combining different datasets for maximum exposure
• Assess, cluster, & attribute seemingly disparate activity into related intrusions & campaigns
• Communicate analytical findings through curating/modeling data, providing customer-facing attribution work, and publishing tracked campaigns along with key context and analysis
• Deconflict complicated analytical efforts using organic data
• Work with multiple expert teams simultaneously in stressful environments and timeframes

Qualifications

Minimum Requirements:

• 5+ years of experience in an analytical role of either network forensics, threat analyst, or security consultant/engineer
• 5+ years of experience in Investigative or Incident Response environments
• 5+ years of experience with direct delivery of technical information to clients or public in reports or presentations
• Familiar with at least five of the following areas (and a willingness to learn the rest):
  • Graph theory
  • Encoding and decoding
  • Windows desk and memory forensics
  • Static and dynamic binary analysis
  • Network flow and traffic analysis
  • Email analysis
  • Log analysis
  • Security Operations processes
  • Incident Response processes
  • Enterprise security controls
  • Intrusion operations
  • Commercial threat intelligence data sources (internet scan data, passive DNS, domain registrant information, malware repositories)

Desired Qualifications:

• Proven analytical leadership skills with the ability to prioritize and execute
• Ability to set and manage expectations with senior stakeholders and team members
• Strong problem solving, troubleshooting, and analysis skills
• Experience working in fast-paced development environments
• Self-driven, proactive, hardworking, creative, team-player
• Excellent communication and presentation skills with the ability to present to technical and non-technical audiences
• Exceptional written communication skills

Additional Information

As a U.S. federal contractor, Mandiant has adopted a COVID-19 Vaccination Policy to comply with our obligations under applicable laws and requirements. This position may be covered under Mandiant’s COVID-19 Vaccination Policy, as required in order to support federal contracts, access company offices and/or attend in-person meetings and work events. If covered under this policy, proof of vaccination against COVID-19 may be required as a condition of hire.

At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability. Final salary will be determined commensurately with cost of living, experience level, and/or any other legally permissible considerations.

Incentive Compensation: Eligibility for annual bonus subject to individual and company performance; eligibility for award of Restricted Stock Units subject to eligibility requirements, approval from Mandiant’s Compensation Committee, and vesting terms.

Benefits: Whether you are just starting your career, reaching a milestone, or gearing up for retirement, we offer plans and programs to keep you happy and healthy at any stage of life. We regularly evaluate our options to make sure they’ve got everything you need. Part of what makes Mandiant great is our diverse team, and we’ve made it our priority to provide benefits that support you on your individual journey at work and at home. Mandiant subsidized benefits include Medical, Dental, Vision, Life, and Disability Insurance. Subject to eligibility requirements, Mandiant also offers the ability to participate in 401(k), Flexible Spending Accounts, Health Savings Accounts, Dependent Care Spending Accounts, and Employee Stock Purchase Program. Mandiant also provides Paid Time Off, Flexible Paid Sick Time, and Paid Holidays.