Principal Incident Response Remediation Consultant - Remote (Central Region, US)

Company: Mandiant
Location: Boston
Posted on: January 16, 2022

Job Description:

Company Description

Since 2004, Mandiant has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant's approach helps organizations develop more effective and efficient cyber security programs and instills---confidence in their readiness to defend against and respond to cyber threats.

Job Description

Mandiant Security Transformation Services helps organizations build an effective security operations program that minimizes organizational risk and reduces the impact of security breaches. With targeted focus in cloud architecture, our consultants work from initial assessment, on-site workshops to explore clients cloud environment, configuration review of security controls, to detailed practical technical recommendations to harden the cloud environment, enhance visibility and detection, and improve processes to reduce the risk of compromise.

Mandiant seeks Incident Response Remediation Consultants with strong technical skills and an eagerness to lead projects and work with our clients. Candidates will need to apply their Active Directory, network architecture, security hardening, and logging enforcement skills to assist clients with containment and remediation workstreams. Our consultants must be comfortable working in teams to tackle challenging projects, communicating with clients, providing hands-on assistance with containment and remediation activities, and creating and presenting high-quality deliverables.

What You Will Do:
Conduct Incident Response containment and remediation engagements for clients
Create and document detailed remediation guides and tracking documents, for clients to leverage to prepare for and execute a coordinated remediation event
Design and assist clients with network architecture enhancements and configuration modifications to defend against identified threats and attacker techniques
Recommend and document specific counter-measures and mitigating controls
Articulate FireEye & Mandiant's combined capabilities in marketing discussions, proposal efforts, and capability briefings
Develop comprehensive and accurate reports and presentations for both technical and executive audiences
Effectively communicate remediation strategies and workstreams to client stakeholders including technical staff, executive leadership, and legal counsel

Qualifications 7+ years of information security experience
Technical expertise in at least three of the following areas:
Prior experience as a lead system administrator or network engineer in an enterprise environment
Thorough understanding of enterprise security controls in Active Directory / Windows environments
Active Directory Trusts and Architectures
Privileged Access Management best practices
Windows and Unix endpoint hardening and security control enforcement
Expertise in enforcing application whitelisting and host-based restrictions
Implementation and enforcement of technologies such as Credential Guard and Device Guard
Understanding of enterprise networking and knowledge of network segmentation strategies
Implementation and management for both network and host-based firewall configurations
Implementing logging configurations for network devices and Windows and Unix endpoints
PowerShell scripting

Additional Qualifications:
Must be eligible to work in the US without sponsorship
Prior training and public speaking engagement experience
Ability to lead a team of highly technical security professionals
Willingness to travel up to 50%

Additional Information

At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

This is a---regionally-based---role that must---be located in---Texas, Oklahoma, Kansas, Nebraska, South Dakota, North Dakota, Minnesota, Iowa, Missouri, Arkansas, Louisiana, Illinois, Wisconsin, Michigan, Indiana, Kentucky, or Ohio,

Keywords: Mandiant, Boston , Principal Incident Response Remediation Consultant - Remote (Central Region, US), Professions , Boston, Massachusetts