Back to all jobs

Threat Research Analyst (Remote-USA)

FireEye

Jul 20

Company Description

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. Learn more about FireEye's world-class solutions and global footprint at https://www.fireeye.com/company.html.

Job Description

As a Threat Research Analyst, you will be researching threats against AWS, Microsoft Azure, and Google Cloud environments, and reproducing them with the Mandiant Security Validation platform, in order to enable customers to empirically measure and improve their defenses against attacks targeting their cloud environments.

What Will You Do:

  • Research adversary tactics, techniques and procedures (TTPs) targeting cloud environments using open-source and FireEye resources
  • Creating adversary emulations using Python and BRT R&D lab
  • Providing feedback on product features and suggesting enhancements to cloud validation functionality

Qualifications

Requirements:

  • Experienced in using Python, PowerShell, and Bash to write scripts and light-weight applications
  • Experience with cloud security or investigating attacks against cloud environments, including AWS, Microsoft Azure or Google Cloud
  • Comfortable using host command-line interfaces
  • Ability to manually triage malware and understand sandbox output
  • Previous experience in analyzing artifacts including malicious executables, scripts, documents, and packet captures
  • Understanding of the TCP/IP network stack and protocols, including HTTP and DNS
  • Historical knowledge of major cyber threat actors and malware families, especially

Additional Qualifications:

  • Knowledge of security and compliance frameworks, including MITRE ATT&CK, NIST 800-53 and/or PCI
  • Ability to author, tune, and understand signatures from multi-vendor security products including Snort, Yara, Palo Alto Networks, Cisco Firepower, FireEye, Amazon GuardDuty, AWS CloudTrail and others

Additional Information

At FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

Minimum Salary: $95,000. Final salary will be determined commensurately with cost of living, experience level, and/or any other legally permissible considerations.

Incentive Compensation: Eligibility for annual bonus subject to individual and company performance; eligibility for award of Restricted Stock Units subject to eligibility requirements, approval from FireEye’s Compensation Committee, and vesting terms

Benefits: Employer subsidized benefits include Medical, Dental, Vision, Life, and Disability Insurance. Subject to eligibility requirements, FireEye also offers the ability to participate in 401(k), Flexible Spending Accounts, Health Savings Accounts, Dependent Care Spending Accounts, and Employee Stock Purchase Program. FireEye also provides Paid Time Off, Flexible Paid Sick Time, and Paid Holidays.

*Disclosure as required by sb19-085 (8-5-20)