| Post Name | Threat Analyst |
| Employment Type | Full Time |
| Work Hours | 8 Hours |
| Salary | USD 102900 Per Month |
| Job Location Type | Work From Home |
Mandiant has been a trusted partner to security-conscious organizations. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.
Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions.
Mandiant Threat Intelligence’s On-Demand Analyst Support service within the Custom Intelligence, Synthesis, and Reporting (CISR) Team gives Mandiant customers the ability to have our expert analyst team develop succinct, tailored deliverables answering the customer’s information needs and intelligence requirements.
In support of this service, this role involves research, analysis, and writing short and long analytic reports in response to customer requirements. The analyst will perform strategic, tactical, and operational research and analysis of adversarial cyber threats to provide timely, actionable, clear, and concise intelligence products to customers.
Well-suited candidates are cyber threat intelligence analysts capable of responding to a wide range of questions related to cyber espionage, cyber crime, hacktivism, information operations, vulnerabilities, and/or enterprise cyber security questions.
What You Will Do:
- Triage potentially malicious binaries and/or other types of malware, including familiarity with basic to intermediate static/dynamic analysis techniques, such as:
  - Identify PUPs/PUAs and/or dual-use hack tools
  - Identify binary anomalies with basic static analysis tools
  - Conduct simple script deobfuscation
  - Interpret reports as generated by automated analysis sandboxes
  - Highlight host-based and network-based indicators of compromise
  - Reverse compiled script frameworks into source code
  - Identify significant attack-chain-related network traffic from network captures
  - Compare a known good sample with a sample that has potentially been parasitically infected or trojanized
- Conduct a high-fidelity investigation into a potential False Positive identified by a security solution.
- Pivot through open-source and internal frameworks for related data associated with potentially malicious IOCs, such as IP addresses, URLs, Domains, and Hashes
- Script basic tasks with high-level scripting languages such as Python, for example:
  - Interacting with internal APIs
  - Leveraging open-source and enterprise subscription service APIs
- Design tools for internal use and team distribution, and train team members in their use
- Ability to apply basic threat hunting techniques to pivot for given information to known attack patterns, malicious code families, tracked threat groups, and other historical information
- Experience training junior and peer analysts in the techniques listed above
- Vet potential frameworks and security solutions for efficacy, usability, and the ability to add value.
- Demonstrate analytical rigor through the drafting of customer-facing technical and threat investigation reports
- Background in reviewing aggregated logs for suspicious events and identifying anomalous network traffic as represented by Netflow or host traffic captures
- Able to parse captured memory dumps for significant events
Certifications from accredited institutions such as SANS and/or Offensive Security are desirable, such as:
- GIAC Reverse Engineer (GREM), GIAC Network Forensic Analyst (GNFA), GIAC Certified Forensic Analyst (GCFA)
- Offensive Security Certified Practitioner (OSCP)
- Certified Information Systems Security Professional (CISSP)
As a U.S. federal contractor, Mandiant has adopted a COVID-19 Vaccination Policy to comply with our obligations under applicable laws and requirements. This position may be covered under Mandiant’s COVID-19 Vaccination Policy, as required in order to support federal contracts, access company offices, and/or attend in-person meetings and work events. If covered under this policy, proof of vaccination against COVID-19 may be required as a condition of hire.
At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.
Minimum Salary: 102,900.00. The final salary will be determined commensurately with the cost of living, experience level, and/or any other legally permissible considerations.
Incentive Compensation: Eligibility for annual bonus subject to individual and company performance; eligibility for the award of Restricted Stock Units subject to eligibility requirements, approval from Mandiant’s Compensation Committee, and vesting terms.
Benefits: Whether you are just starting your career, reaching a milestone, or gearing up for retirement, we offer plans and programs to keep you happy and healthy at any stage of life. We regularly evaluate our options to make sure they’ve got everything you need.
Part of what makes Mandiant great is our diverse team, and we’ve made it our priority to provide benefits that support you on your individual journey at work and at home. Mandiant subsidized benefits include Medical, Dental, Vision, Life, and Disability Insurance.
Subject to eligibility requirements, Mandiant also offers the ability to participate in 401(k), Flexible Spending Accounts, Health Savings Accounts, Dependent Care Spending Accounts, and Employee Stock Purchase Program. Mandiant also provides Paid Time Off, Flexible Paid Sick Time and Paid Holidays.