SANS ISC: InfoSec Jobs

Compliance Analyst Intern
Company: FireEye
Location: Reston, VA
Preferred GIAC Certifications: GISF, GSEC
Travel: 10%
Salary: Not provided
URL: https://jobs.smartrecruiters.com/FireEyeInc1/743999718533589
Contact Name: MShrewsbury
Contact Email: mshrewsbury/at/sans.org
Expires: 2020-12-03

Job Description

Security Analyst Intern, Managed Defense - Summer 2021
Reston, VA, USA
Intern
Company Description
FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks.

Job Description
Mandiant Managed Defense is a Managed Detection and Response (MDR) service that combines industry-recognized cyber security expertise, FireEye technology, and unparalleled knowledge of attackers to identify threats early in the attacker lifecycle to minimize the potential impact of a breach. Mandiant Managed Defense is continuously fueled by the industry’s largest global cyber threat intelligence capability that harnesses machine, campaign, adversary and victim intelligence gained from the frontlines of the world’s most consequential cyber-attacks enabling us to reveal even the most sophisticated attacker.

As an intern on the Managed Defense team, you will be at the forefront of cyber defense for many of the world’s top companies. You will collaborate with other analysts to investigate security events, contextualize them with available intelligence, and identify potential threats within our customer base. You will transform event information and raw data into compromise reporting for our customers, acting to identify and halt active intrusions.

You will find yourself going head to head on a daily basis with interactive attackers, nation state actors, financially motivated criminals, and malware authors. You will be empowered with access to numerous resources, including entry-points into FireEye’s corpus of intelligence regarding attacker methodologies, missions, and infrastructure. You will leverage your strong understanding of attacker methodologies to keep our customers and the real people they represent safe from compromise by discovering intrusions early, scoping them, and providing written technical recommendations for customers to contain, remediate, and prevent threats in the future. Your attention to detail and dedication to security will help keep our customers safe from those who seek to take advantage of them. 

What You Will Do:

Perform live response data collection and analysis on hosts of interest in an investigation
Collate and analyze relevant events from host and network device log files
Perform incident response and basic malware analysis to investigate incidents
Help determine the extent of the compromise, attributes of any malware, and possible data exfiltrated
Maintain current knowledge of tools and best practices in advanced persistent threats; tools, techniques, and procedures of attackers; and forensic and incident response
Qualifications
Requirements:

All applicants must be currently pursuing a degree at an accredited institution
Experience reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs) is preferred
Experience with well-known security tools such as NMAP, Nessus, TCPDump, Wireshark, and Netcat
Understanding of Windows operating systems and command line tools
A solid foundation in networking fundamentals, with a basic understanding of TCP/IP and other core protocols
Knowledge of network-based services and client/server applications
Experience with and knowledge of packet flow, TCP/UDP traffic, Security Incident Event Monitoring (SIEM) Tools, IDS technologies (e.g. Snort rules), proxy technologies, antivirus solutions, and other enterprise security operations tools
Additional Qualifications:

The ability to document and explain technical details clearly and concisely
Exemplary communication and interpersonal skills
A willingness to be challenged and a strong desire to learn
An open mind, and an appetite for excellence
Must be able to work in the US without sponsorship
Additional Information
All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.