Red Team Incident Response Consultant - DACH

Employer: FireEye
Posted: 30-06-2020

Job Detail

Category: Cyber Security
Location: Germany, GA

Job Description

A successful Red Team consultant at Mandiant should possess a deep understanding of both information security and computer science. They should understand basic concepts such as networking, applications, and operating system functionality and be able to learn advanced concepts such as application manipulation, exploit development, and stealthy operations. This is not a "press the 'pwn' button" type of job; this career is technical and challenging with opportunities to work in some of the most exciting areas of security consulting on extremely technical and challenging work. A typical job could be breaking into a segmented secure zone at a Fortune 500 bank, reverse engineering an application and encryption method in order to gain access to sensitive data all without being detected. If you can exploit at scale while remaining stealthy, identify and exploit misconfigurations in network infrastructure, parse various types of output data, present relevant data in a digestible manner, think well outside the box, or are astute enough to quickly learn these skills, then you're the type of consultant we're looking for.

At Mandiant, you'll be faced with complex problem-solving opportunities and hands-on testing opportunities on a daily basis. We help our clients protect their most sensitive and valuable data through comprehensive, real-world scenario testing. The objective doesn't end at gaining "domain admin" or "root"; this is expected and is only a starting point.

You are expected to quickly assimilate new information as you will face new client environments on a weekly or monthly basis. You will be expected to understand all the threat vectors to each environment and properly assess them. You will get to work with some of the best red teamers and operators in the industry, causing you to develop new skills as you progress through your career. Are you up to the challenge?

Responsibilities:

  • Perform red/purple team assessments, external/internal/wireless network penetration, web and mobile application testing, source code reviews, network security architecture reviews, threat analysis and social-engineering assessments.
  • Interface with clients to address concerns, issues or escalations; track and drive to closure any issues that impact the service and its value to clients
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences
  • Oversee and manage implementation improvements to Mandiant's business processes, methodologies, tools and client communication methods
  • Provide expert experience building information security programs to include hands-on implementation and/or assessment of security controls, including for government clients
  • Use formal project management skills in planning, tracking, and reporting on project progress
  • Manage relationships with local Sales leadership, including identifying opportunities, driving new business through established contacts and using technical acumen to assist the local delivery team

Qualifications

  • Bachelor's degree in a technical discipline (or equivalent work experience)
  • Minimum of 10 years of relevant hi-tech experience, preferably in an organization with a strong Consulting presence or inside a government agency with a comparable mandate
  • Consistently able to demonstrate strong Consulting knowledge and to articulate the value proposition, or able to prove that this can be learnt quickly
  • Proven experience working with local Sales leadership & external contacts to drive Consulting revenue generation, or can highlight equivalent project development and execution, including cultivation of executive sponsorship and funding in a government agency
  • Prior positive interaction with C-level executives or senior executive personnel
  • Some prior experience delivering work on customer engagements is preferable, or working as a forward deployed resource for other agencies

Mandatory experience in the following:

  • Network penetration testing and manipulation of network infrastructure
  • Shell scripting or automation of simple tasks using Perl, Python, or Ruby
  • Developing, extending, or modifying exploits, shellcode or exploit tools

Experience in at least four of the following:

  • Mobile and/or web application assessments
  • Email, phone, or physical social-engineering assessments
  • Developing applications in C#, ASP, .NET, ObjectiveC, Go, or Java (J2EE)
  • Reverse engineering malware, data obfuscators, or ciphers
  • Source code review for control flow and security flaws
  • Strong knowledge of tools used for wireless, web application, and network security testing
  • Thorough understanding of network protocols, data on the wire, and covert channels
  • Mastery of Unix/Linux/Mac/Windows operating systems, including bash and PowerShell

Additional information

  • Ability to successfully interface with clients (internal and external)
  • Ability to document and explain technical details in a concise, understandable manner.
  • Agility to manage and balance own time among multiple tasks, and lead junior staff when required
  • All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.
  • Existing Security clearances are desirable but not essential