Back to all jobs

Senior Insider Threat Analyst - Remote (Northeast US Region)

FireEye

Aug 20

Company Description

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. Learn more about FireEye's world-class solutions and global footprint at https://www.fireeye.com/company.html.

Job Description

Mandiant is a recognized leader in cyber security expertise and has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that FireEye knows more about today's advanced threats than anyone.  Mandiant partners with Federal Governments across the globe to protect their national security interests, guarding nation-state secrets, and defending critical infrastructure from cyber-attacks. Our experience has provided us with a unique understanding of the challenges Federal Governments face, and we systematically align our solution and product development cycles to meet their needs. FireEye Mandiant isn’t just focused on one threat vector or adversary type. We counter all evolving cyber threats facing public and private sector organizations around the globe.

The Insider Threat Analyst will provide day-to-day insider threat subject matter expert services for federal and commercial clients. Focus will be on insider threat program build out, tool deployments, investigations, using strong problem-solving skills, and able to communicate effectively to people at various layers to assist leadership to make timely and well thought out decisions. This role will work cross-functionally with their peers on other teams such as intelligence and SOC analysts. This role is considered a subject matter expert for insider threat analysis.

What You Will Do:

  • Provide guidance on building and/or maturing insider threat programs, detecting and responding to computer security incidents, and implementation of tools and technologies used for enterprise security
  • Evaluate client needs, coordinate design for an insider threat solution, and clearly communicate the value proposition of implementation
  • Implement and/or assess existing security controls
  • Provide expert level knowledge of tools and technologies used for enterprise insider threat
  • Hands on analysis and insider threat investigations to include intelligence collection and forensics activities leveraging DLP, UBA, SIEM, EDR, and Mandiant proprietary tools
  • Maintain all client technology and Mandiant test labs, as appropriate
  • Primary work location: Reston, VA (Remote)

Qualifications

  • Excellent written and verbal communication skills
  • Bachelor’s degree in an IT-related field or equivalent experience
  • Provide expert experience building security programs to include hands-on implementation and/or assessment of security controls
  • Provide expert in-depth knowledge in collecting, analyzing, and escalating security events; responding to insider incidents, and/or collecting, analyzing, and disseminating insider threat intelligence
  • Interaction with C-level executives
  • Quickly master, simplify, and communicate the value proposition of complex subjects to clients
  • Use formal project management skills in planning, tracking, and reporting on project progress
  • Evaluate customer needs, coordinate design for an insider threat solution, and clearly communicate solutions
  • Thorough understanding of cyber security operations, event monitoring, backup tooling, and SIEM tools
  • Familiarity with security bypasses and backdoors to security controls as investigation points
  • Familiarity with cloud technologies such as Microsoft Azure and Amazon Web Services
  • Minimum of six years relevant in cybersecurity
  • Minimum of three years in use and system administration of insider threat tools such as SIEM, DLP, and UBA

Additional Qualifications:

  • Provide expert level knowledge of insider threat tools and technologies used for enterprise security
  • Bi-/Multi-lingual (languages of highest need include Spanish, Russian, Chinese, and Arabic)
  • Law Enforcement (LE) background is preferred
  • Intelligence background within DoD or equivalent is preferred

Additional Information

At FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

This is a regionally-based role that must be located in Connecticut, Delaware, Maine, Massachusetts, New Hampshire, New Jersey, New York, Pennsylvania, Rhode Island, Maryland, or Vermont