Senior IR Remediation Consultant

FireEye

San Diego, CA

Industry: Information Technology


8 - 10 years

Posted 56 days ago

Company Description

FireEye is the leader in intelligence-led security-as-a-service. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,000 customers across 67 countries, including more than 45 percent of the Forbes Global 2000.

Job Description

Do you want to lead a team of security consultants investigating computer crimes and breaches that make the headlines – and many more that don't? Can you think like an attacker to stay one step ahead of them, or understand the operational security controls needed to detect, remediate, and prevent compromises? Managers in Mandiant Consulting are responsible for selling and managing engagements across all of our service offerings. Our Managers must be comfortable leading teams on challenging projects, communicating with clients, providing hands-on assistance with containment and remediation activities, and creating and presenting high-quality deliverables.


  • Manage Incident Response containment and remediation engagements for clients
  • Provide project management and governance for large-scale remediation engagements, consisting of multiple workstreams and resource assignments
  • Create and document detailed remediation guides and tracking documents that clients can use to prepare for and execute a coordinated remediation event
  • Design and assist clients with network architecture enhancements and configuration modifications to defend against identified threats and attacker techniques
  • Recommend and document specific counter-measures and mitigating controls
  • Work with our sales team and clients to scope engagements, draft contracts, and deliver services
  • Identify, market, and develop new business opportunities
  • Supervise, coach, and develop staff
  • Articulate FireEye & Mandiant's combined capabilities in marketing discussions, proposal efforts, and capability briefings
  • Improve Mandiant's business processes and methodologies
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences
  • Effectively communicate remediation strategies and workstreams to client stakeholders including technical staff, executive leadership, and legal counsel
  • Assist with scoping prospective engagements, participating in engagements from kickoff through full remediation, and mentoring less experienced staff



  • Bachelor's or Master's degree in a technical field
  • Minimum 8-10 years of information security experience
  • Minimum 5 years of management experience
  • At least eight years of experience selling, scoping and leading security consulting offerings such as incident response, penetration testing, or enterprise security strategy engagements
  • Demonstrated experience increasing new revenue for a professional services organization
  • Experience interfacing with C-level personnel (internal and external) and board members
  • Technical expertise in at least three of the following areas:
      • Prior experience as a lead system administrator or network engineer in an enterprise environment
      • Thorough understanding of enterprise security controls in Active Directory / Windows environments
      • Active Directory Trusts and Architectures
      • Privileged Access Management best practices
      • Windows and Unix endpoint hardening and security control enforcement
      • Expertise in enforcing application whitelisting and host-based restrictions
      • Implementation and enforcement of technologies such as Credential Guard and Device Guard
      • Understanding of enterprise networking and knowledge of network segmentation strategies
      • Implementation and management for both network and host-based firewall configurations
      • Implementing logging configurations for network devices and Windows and Unix endpoints
      • PowerShell scripting
  • Must be eligible to work in the US without sponsorship

Additional Qualifications:

  • Ability to leverage project management skills to effectively budget, scope, and execute engagements
  • Ability to manage multiple projects and manage tight deadlines
  • Prior training and public speaking engagement experience
  • Ability to lead a team of highly technical security professionals
  • Ability to prepare and review customized contracts for security consulting services
  • Willingness to travel up to 30%

Additional Information

  • All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.