Senior Consultant - Incident Response (Remote - German Speaking)

  • Berlin, Germany
  • Employees can work remotely
  • Full-time

Company Description

Since 2004, Mandiant has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.

Job Description

The Mandiant Incident Response team is seeking Senior Consultants with deep understanding of both existing and emerging threat actors, as well as experience identifying rapidly changing tools, tactics and procedures of attackers. You must be able to see the big picture, understanding evolving attacker behavior and motivations, participate and manage large client-facing projects, and help to train/mentor other security consultants. The successful candidate will possess sound business acumen, strong consulting skills, and current technical skills in security operations, cyber threat intelligence, and/or incident response. If you are interested in investigating computer crimes and breaches that make the headlines – and many more that don’t, then this opportunity is for you.  

What you will do:

  • Host/network based forensic investigations
  • Develop custom reports based on data from multiple sources, including Mandiant appliances, threat intelligence, network sensors, and outside intelligence feeds
  • Present technical material in a clear, organized briefing to a mix of technical and non-technical personnel
  • Fully scope and present findings for a broad range of incidents from Nation state APT to Financially motivated cyber-crime incidents
  • Develop, document and manage a containment and remediation strategy for customers
  • Maintain current knowledge of tools and best-practices in advanced persistent threats; tools, techniques, and procedures of attackers; and forensics and incident response

Qualifications

Requirements:

  • 5+ years experience in network forensics analyst, threat analyst, incident response, security engineer/ consultant or similar role
  • Experience developing and managing incident response programs
  • Understanding of the workings and analysis of TCP/IP network communication protocols 
  • Experience conducting analysis of electronic media, packet capture, log data, and network devices in support of intrusion analysis or enterprise level information security operations
  • Experience with advanced computer exploitation methodologies
  • Ability to integrate data from multiple sources and present concise, relevant information to a non-technical audience
  • Experience with a scripting language such as Perl, Python, or other scripting language in an incident handling environment
  • Excellent knowledge of current information security solutions and technologies, including network and host based products
  • Native or Fluent in German both written and verbal language skills

Desired Qualifications:

  • One or more of the following technical certifications: GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), EnCE or equivalent experience in these areas
  • Demonstrated ability to make decisions on remediation and countermeasures for challenging information security threats
  • Excellent written and verbal communication and presentation skills with the ability to present to a variety of external audiences, including being able to interact with senior executives
  • Strong leadership skills with the ability to prioritize and execute in a methodical and disciplined manner
Privacy Policy