FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. Learn more about FireEye's world-class solutions and global footprint at https://www.fireeye.com/company.html.
The Deployment and Integration Security Consultant is responsible for enabling FireEye customers to protect their networks, systems, and data using FireEye technology to combat advanced attackers. As such, you will help customers deploy and configure FireEye products in a variety of customer environments and work with customers to integrate FireEye products into their security operations processes. As a FireEye consultant, you will represent the company in customer accounts, continue to advance your security expertise and experience, and work within a team to achieve successful outcomes for FireEye customers.
- Work with high profile customer accounts on product related consulting services
- Provide project management and client communication support, including requirements definition, project planning, and delivery
- Provide deployment and configuration of FireEye products
- Integrate FireEye products with other security products in the customer’s network
- Contribute to best practices documentation and technical notes for internal and external distribution
- Create customer specific process documentation around FireEye products including incident response, IOC sweeping, forensic analysis, disaster recovery, workflow and process diagrams.
- Develop custom reports and other custom configurations / use cases for FireEye products within the customer’s environment
- Support regional sales staff on in-depth technical consulting services
- Develop and implement use cases, dashboards, custom rules, and other customer specific content within FireEye products
- Perform knowledge transfer sessions on management, maintenance, best practices, and use of FireEye products, including demonstrating triage and response techniques
- Maintain current knowledge of tools and best-practices in advanced persistent threats; including tools, techniques, and procedures (TTPs) of attackers and for forensics and incident response.
- 2+ years’ experience in network and endpoint security solution deployment, architecture, and/or management
- Understanding of security infrastructure (proxies, firewalls, email filtering technologies, and network intrusion detection systems)
- Experience and knowledge of network protocols (including HTTP, ICMP, SSH, SSL/TLS, and SMTP), packet flow, TCP and UDP traffic
- Experience in analysis of TCP/IP network communication protocols for troubleshooting network connections
- Experience with SCCM and other agent push and distribution technologies
- Current knowledge of security threats, solutions, security tools and network technologies
- Ability to prioritize and execute in a methodical and disciplined manner.
- Excellent communication and presentation skills, with the ability to present to a variety of internal and external audiences, including the ability to comfortably interact with senior executives
- Ability to write comprehensive methodology and technical solutions documentation
- Ability to build strong client relationships and to interact effectively at all levels of the customer’s organization
- Ability to set and manage expectations with senior stake-holders and team members
- Willingness to travel 50% to 75%
- Experience with FireEye network, email, and/or endpoint products
- Experience working within a Security Operations Center
- Experience conducting analysis of packet captures, log data, and network devices in support of intrusion analysis or enterprise-level information security operations
- Experience with scripting languages such as PowerShell or Python.
- System administration experience with enterprise email systems
- Experience as a developer and/or user of enterprise SIEM and/or SOAR products
- System administration experience with Windows and UNIX operating systems
- Incident response, malware analysis and investigation experience
- Experience in an analytical role such as network forensics analyst, Threat Analyst or security engineer/ consultant