Security Analyst, Managed Defense

FireEye Reston, VA 20190

Posted 2 months ago

FireEye is the leader in intelligence-led security-as-a-service. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,500 customers across 67 countries, including more than 50 percent of the Forbes Global 2000.

The FireEye Managed Defense team operates to relentlessly protect our customers from impactful cyber attacks. We are looking for motivated and experienced analysts with an understanding of enterprise-level security and incident response.

As a Managed Defense Security Analyst, you will be responsible for detecting and responding to cyber attacks at many of the world's top companies. Your focus will be on host and network analysis, turning over every stone looking for signs of intrusion, malware execution, and attacker activity. You will be part of an incredible team of analysts who work tirelessly to apply their security and response expertise in conjunction with FireEye's unparalleled intelligence to deliver a high impact and value service to Managed Defense customers, providing answers, not alerts.

Responsibilities:

  • Monitor security appliances and provide advanced detection and response service through security event analysis and review

  • Perform live response data collection and analysis on hosts of interest in an investigation

  • Collate and analyze relevant events from host and network device log files

  • Perform incident response and basic malware analysis to investigate incidents

  • Help determine the scope of the compromise, activity associated with any malware, and assess customer impact

  • Maintain current knowledge of tools and best practices in forensics and incident response, and an understanding of advanced persistent threats, including the tools, techniques, and procedures of attackers

Requirements:

  • Functional knowledge of incident response, proper handling of forensic data, and the ability to provide meaningful recommendations for remediation and attack prevention

  • The ability to clearly and concisely document and explain technical details

  • Experience reviewing and analyzing raw log files (e.g. firewall, network flow, IDS, system logs) and performing data correlation is preferred

  • Experience with Wireshark, PowerShell, various scripting languages, and familiarity with FireEye tools and products

  • Understanding of forensic artifacts found within multiple operating systems and command line tools

  • A solid foundation in networking fundamentals, with a basic understanding of TCP/IP and other core protocols

  • Knowledge of network-based services and client/server applications

  • Basic knowledge of both static and dynamic malware analysis

Additional Qualifications:

  • Exemplary communication and interpersonal skills

  • A willingness to be challenged and a strong desire to learn

  • An open mind, and an appetite for excellence

  • A Bachelor's degree or equivalent work experience

All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.


Similar Jobs

Security Analyst Managed Defense Intern Summer 2020

Fireeye

Posted 1 week ago

FireEye is the leader in intelligence-led security-as-a-service. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,500 customers across 67 countries, including more than 50 percent of the Forbes Global 2000.

As an intern on the Managed Defense team, you will be at the forefront of cyber defense for many of the world's top companies. You will collaborate with other analysts to investigate security events, contextualize them with available intelligence, and identify potential threats within our customer base. You will transform event information and raw data into compromise reporting for our customers, acting to identify and halt active intrusions. You will find yourself going head to head on a daily basis with interactive attackers, nation state actors, financially motivated criminals, and malware authors.

You will be empowered with access to numerous resources, including entry-points into FireEye's corpus of intelligence regarding attacker methodologies, missions, and infrastructure. You will leverage your strong understanding of attacker methodologies to keep our customers and the real people they represent safe from compromise by discovering intrusions early, scoping them, and providing written technical recommendations for customers to contain, remediate, and prevent threats in the future. Your attention to detail and dedication to security will help keep our customers safe from those who seek to take advantage of them. Learn more about Managed Defense (https://www.fireeye.com/solutions/managed-defense.html).

Responsibilities:

  • Perform live response data collection and analysis on hosts of interest in an investigation

  • Collate and analyze relevant events from host and network device log files

  • Perform incident response and basic malware analysis to investigate incidents

  • Help determine the extent of the compromise, attributes of any malware, and possible data exfiltrated

  • Maintain current knowledge of tools and best practices in advanced persistent threats; tools, techniques, and procedures of attackers; and forensic and incident response

Requirements:

  • All applicants must be currently pursuing a degree at an accredited institution

  • The ability to document and explain technical details clearly and concisely

  • Experience reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs) is preferred

  • Experience with well-known security tools such as NMAP, Nessus, TCPDump, Wireshark, and Netcat

  • Understanding of Windows operating systems and command line tools

  • A solid foundation in networking fundamentals, with a basic understanding of TCP/IP and other core protocols

  • Knowledge of network-based services and client/server applications

  • Exemplary communication and interpersonal skills

  • A willingness to be challenged and a strong desire to learn

  • An open mind, and an appetite for excellence

  • Experience with and knowledge of packet flow, TCP/UDP traffic, Security Incident Event Monitoring (SIEM) Tools, IDS technologies (e.g. Snort rules), proxy technologies, antivirus solutions, and other enterprise security operations tools

All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

Fireeye Reston VA
