Incident Response Remediation Advisor (Remote Central Region, US)

Incident Response Remediation Advisor (Remote Central Region, US)

31 Jan 2021
Texas, Austin, 73301 Austin USA

Incident Response Remediation Advisor (Remote Central Region, US)

Vacancy expired!

Job Description

Interested in leading diverse technical teams who investigate computer crimes, eradicate threat actors, and remediate victim environments? Can you think like an attacker to stay one step ahead, or understand the operational security controls needed to detect, remediate, and prevent compromises? Mandiant seeks Incident Response Remediation Advisors with strong communication skills, technical tracking capabilities, and an eagerness to lead projects in support of clients actively facing adversity. Our consultants must be comfortable working in teams to tackle challenging projects, communicating with clients, expediting assistance with containment and remediation activities, as well as creating and presenting high-quality deliverables. This role will need to quickly assess victim needs, engage diverse Mandiant resources, and work with internal and external stakeholders to take our clients from impacted to resilient.


  • Lead and provide guidance to clients for Incident Response, containment, and remediation activities
  • Provide project management and governance for large-scale Incident Response Remediation engagements, consisting of multiple workstreams and resource assignments
  • Effectively communicate remediation strategies and workstreams to client stakeholders including technical staff, executive leadership, and legal counsel
  • Identify client internal stakeholders, build relationships of trust, anticipate long term needs, translate to Mandiant services, rally resources and foster opportunities
  • Validate and track completion of detailed remediation tasks
  • Advise clients on tactical implementation of critical tasks, including threat actor containment, eradication, and environment recovery
  • Review and assist clients with implementing hardening controls across diverse technologies including Active Directory
  • Engage teams to plan and coordinate enterprise-scale password resets across multi-domain trust environments
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences
  • Assist with scoping prospective engagements, participating in engagements from kickoff through full remediation, and mentoring less experienced staff


  • Bachelor’s degree in a technical field
  • Minimum 5 years of comparable experience; minimum 8 years of experience if no degree
  • Expertise/Experience in at least five of the following areas:
    • Developed information security related project plans and led teams to implement technical recommendations
    • Documented project requirements that clearly define scope in terms of cost, schedule, technical deliverables, and milestones
    • Understanding of enterprise security controls in Active Directory / Windows environments
    • Understanding of Privileged Access Management best practices
    • Understanding of Windows and Unix endpoint hardening and security control enforcement
    • Understanding of enterprise networking and knowledge of network segmentation strategies
    • Expertise in developing strategies for network and host-based firewall configurations
    • Expertise in developing strategies for logging configurations of network devices, Windows and Unix endpoints

Additional Qualifications:

  • Willingness to travel up to 30%
  • Ability to successfully interface with both internal and external clients
  • Ability to document and explain technical details in a concise, understandable manner
  • Ability to manage and balance own time among multiple tasks, and lead junior staff when required

Additional Information

At FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

This is aregionally-basedrole that mustbe located in the Central region of the US with preference to Chicago, IL or Austin, TX.

Related jobs

Job Details

  • ID
  • State
  • City
  • Job type
  • Salary
    USD N/A N/A
  • Hiring Company
    FireEye, Inc.
  • Date
  • Deadline
  • Category

Jocancy Online Job Portal by jobSearchi.