Senior Research & Investigations Analyst



Company Description

Since 2004, Mandiant has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions.

Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.

Job Description

As a Research Analyst within Mandiant Managed Defense, you will develop and maintain analysis methodologies for extended detection and response (XDR) service delivery. The Research Analyst is responsible for reviewing the output of automated detection and classification models and developing requirements for enhancements and new models.

The Research Analyst will also work with the Mandiant Managed Defense Security Operations Center and Advanced Analysis Team to investigate malicious activity detected at Managed Defense customers.

What You Will Do:

  • Develop investigative workflows and methodologies and optimize existing processes in Mandiant Managed Defense.
  • Assist in investigations of malicious activity detected in Mandiant Managed Defense customer environments.
  • Develop detailed technical requirements for new detection models and enhancements to existing models.
  • Validate technical solutions and workflows in the Mandiant Advantage platform.
  • Develop and maintain technical documentation for Mandiant Managed Defense solutions.
  • Facilitate the adoption of new capabilities, methodologies, solutions, or product features within Managed Defense.


Minimum Requirements:

  • 4+ years in a hands-on technical role as a network forensic analyst, host forensic analyst, incident responder, or in a similar function.
  • 2+ years of experience with and knowledge of packet flow, TCP/UDP traffic, Security Incident Event Monitoring (SIEM) Tools, IDS technologies (e.g., Snort rules), proxy technologies, antivirus solutions, and other enterprise security operations tools.

Desired Requirements:

  • Deep technical knowledge of technologies used to perform incident response, computer forensics, endpoint detection and response, network security, cloud security, and/or application security.
  • Technical understanding of endpoint detection and response technologies such as FireEye Endpoint Security, Microsoft Defender for Endpoint, Carbon Black, CrowdStrike, and SentinelOne.
  • Technical understanding of network intrusion detection and prevention technologies such as FireEye Network Security, Suricata, and Snort.
  • Experience with security detection and response for Amazon Web Services, Microsoft Azure, Google Cloud Platform, and Oracle Cloud Infrastructure.
  • Ability to make technology prioritization decisions based on market research and analysis provided by Strategic Product Management.

Additional Information

At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

Minimum Salary: $100,000. Final salary will be determined commensurately with cost of living, experience level, and/or any other legally permissible considerations.

Incentive Compensation: Eligibility for annual bonus subject to individual and company performance; eligibility for award of Restricted Stock Units subject to eligibility requirements, approval from Mandiant’s Compensation Committee, and vesting terms.

Benefits: Employer subsidized benefits include Medical, Dental, Vision, Life, and Disability Insurance. Subject to eligibility requirements, Mandiant also offers the ability to participate in 401(k), Flexible Spending Accounts, Health Savings Accounts, Dependent Care Spending Accounts, and Employee Stock Purchase Program. Mandiant also provides Paid Time Off, Flexible Paid Sick Time, and Paid Holidays.

To apply for this job please visit
