Principal Incident job from Mandiant in Liverpool
Mandiant

Principal Incident Response Consultant (Remote UK)

Company: Mandiant
Category: Computer Networking Products,Computer and Network Security,Computer Software
Location: Liverpool
Posted Date:

About Job

Company Description

Since 2004, Mandiant has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.

Job Description

Mandiant Security Consulting Services ensures the long-term success of our clients by providing talented, passionate, and specialized security expertise. Our Consultants partner with Mandiant clients to evaluate, create, develop, improve, and mature information security operations and programs. By utilizing the latest industry standards and combining experience and knowledge gained from Mandiant Incident Response, Intelligence and Managed Defense practices, we are able to develop defense forward information security programs for our clients.

The Mandiant Incident Response team is seeking a strong technical lead to manage large, client-facing projects and train/mentor other security consultants. In this role, you will use your deep understanding of both existing and emerging threat actors, as well as experience identifying rapidly changing tools, tactics and procedures of attackers. You must be able to see the big picture, understanding evolving attacker behavior and motivations, participate and manage large client-facing projects, and help to train/mentor other security consultants. The successful candidate will possess sound business acumen, strong consulting skills, current technical skills and be adept in leading multiple projects under tight deadlines. If you are interested in investigating computer crimes and breaches that make the headlines – and many more that don’t, then this opportunity is for you.

What You Will Do:
  • Lead large, client-facing projects while mentoring/training junior team members
  • Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations
  • Utilize Mandiant technology to conduct large-scale investigations and examine endpoint and network-based sources of evidence
  • Recognize and codify attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations
  • Build scripts, tools, or methodologies to enhance Mandiant’s incident investigation processes
  • Develop and present comprehensive and accurate reports, trainings and presentations for both technical and executive audiences
  • Work with clients security and IT operations teams to implement remediation plans in response to incidents

Qualifications

Minimum Requirements:
  • 7+ years of experience in incident response, security operations, consulting or similar
  • Experience with at least three of the following:
    • Windows disk and memory forensics
    • Network Security Monitoring (NSM), network traffic analysis, and log analysis
    • Unix or Linux disk and memory forensics
    • Static and dynamic malware analysis
  • Experience and understanding of enterprise security controls in Active Directory/Windows environments
  • Experience building scripts, tools, or methodologies to enhance investigation processes
  • Experience leading external client engagements
  • Experience conducting analysis of electronic media, packet capture, log data, and network devices in support of intrusion analysis or enterprise level information security operations
  • Experience with advanced computer exploitation methodologies
  • Demonstrated ability to make decisions on remediation and countermeasures for challenging information security threats

Desired Qualifications:
  • Experience with a scripting language such as Perl, Python, or other scripting language in an incident handling environment, highly desired
  • Effectively communicating investigative findings and strategies to technical staff, executive leadership, legal counsel, and internal and external clients
  • Effectively develop documentation and explain technical details in a concise, understandable manner
  • Strong time management skills to balance time among multiple tasks, and lead junior staff when required

Interested in this job?

Receive job offers before anyone else!

Create a job alert

By clicking on "Activate", I give jobsier consent to process my data and to send me email alerts, as detailed in jobsier's Privacy policy. I may withdraw my consent or unsubscribe at any time.

More Jobs

Interested in this job?

Apply