Back to all jobs

Mandiant Strategic Consultant - Cyber


Aug 02

Company Description

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. Learn more about FireEye's world-class solutions and global footprint at

Job Description

The FireEye Mandiant Consulting Strategic Services team ensures the long-term success of our clients by providing talented, passionate and specialized security consulting expertise. We are looking for motivated consultants with strong customer service skills to help our clients build effective security programs. The successful candidate will possess strong communication skills and experience in security governance, security risk management, security operations, and/or cyber incident response programs. 


  • Conduct security program assessments and build roadmaps to improve clients’ security posture 
  • Deliver intelligence-led table-top exercises 
  • Assess SOC and incident response team capabilities and provide recommendations for improvement 
  • Advise clients on how to prepare for incidents such as ransomware 
  • Develop bespoke documentation such as Incident Response Plans and Playbooks 
  • Participate in client workshops 

Desired Experience 

  • Bachelor’s degree in information security, information technology or related technical discipline 
  • Minimum three years of professional information security experience 
  • Strong understanding of the threat landscape 
  • Expertise in one or more of the following areas: Incident Response, Security Operations, Security Governance, Threat Intel, Cloud Security, Data Protection, Network Security, Endpoint Security, IAM 
  • Basic understanding of regulatory requirements such as GDPR 
  • Basic understanding of security frameworks, such as ISO 27001, NIST 800-53, HIPAA/HITECH, or PCI DSS 
  • Basic knowledge of tools used in penetration testing, security event analysis, incident response, computer forensics, malware analysis or other areas of security operations 
  • Basic understanding of networking, including TCP/IP protocols and network topology 
  • Basic understanding of security controls for common platforms and devices 

Additional Skills: 

  • Ability to successfully communicate with a range of technical and executive stakeholders 
  • Ability to explain technical details in a clear and concise manner 
  • Excellent report writing skills 
  • Ability to travel up to 25%