FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned FireEye Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 6,300 customers across 67 countries, including more than 40 percent of the Forbes Global 2000.
The primary focus of this role will be to perform penetration assessments and/or static and/or dynamic code reviews against customer’s infrastructure. In this role, candidates are expected to be able to conduct hands-on penetration testing beyond automated tool validation, conduct scenario-based and functional security testing during authenticated and unauthenticated testing, assess associated coding against well established and universally accepted best practices, develop comprehensive and accurate reports and presentations for both technical and executive audiences, communicate findings and strategy to client stakeholders and technical staff, and assist with remediation activities during testing.
Successful candidates should possess a deep understanding of both information security and computer science, proactive testing, and coding best practices. They should understand basic concepts such as networking, applications, and operating system functionality and be able to learn advanced concepts such as application manipulation, exploit development, and stealthy operations. They should also be proficient at both writing as well as communications with both technical as well as non-technical audiences.
At FireEye Mandiant, you’ll be faced with complex problem-solving opportunities and hands-on testing opportunities on a daily basis. We help our clients protect their most sensitive and valuable data through comprehensive and real-world scenario testing. The objective doesn’t end at gaining “domain admin” or “root”; this is expected and is only a starting point.
You are expected to quickly assimilate new information as you will face new client environments on a weekly or monthly basis. You will be expected to understand all the threat vectors to each environment and properly assess them. You will get to work with some of the best in the industry, allowing you to develop new skills as you progress through your career. Are you up to the challenge?
- Perform network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences
- Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel
- Recognize and safely utilize attacker tools, tactics, and procedures
- Develop scripts, tools, or methodologies to enhance FireEye Mandiant’s red teaming processes
- Assist with scoping prospective engagements, leading engagements from kickoff through remediation, and mentoring less experienced staff
- Bachelor’s degree in a technical field
- Experience with internal/external/web application penetration testing
- Familiarity with application DevOps concepts, tools, and technologies
- Mastery of Unix/Linux/Mac/Windows operating systems, including bash and Powershell
- Knowledge of applications, database, Web server design, HTML, and implementation
- Understanding of Internet (HTTP, FTP, etc.) and network (SMB, TCP/IP, etc.) protocols
- Knowledge of open security testing standards and projects, including OWASP
- Network penetration testing and manipulation of network infrastructure
- Actively discover, enumerate, fingerprint, and map target systems
- Conduct automated vulnerability testing
- Research known vulnerabilities and manually validate scanner findings
- Mobile and/or web application assessments
- Email, phone, or physical social-engineering assessments
- Shell scripting or automation of simple tasks using Perl, Python, or Ruby
- Developing, extending, or modifying exploits, shellcode or exploit tools
- Validate security weaknesses, research known attacks, develop custom tools and exploits, etc.
- Reverse engineer thick clients, mobile apps, and proprietary binaries
- Assess compliance posture against regulatory requirements such as NIST SP 800-53, OWASP ASVS, and ISO 27001
- Document security weaknesses, including steps to reproduce
- Analyze security findings, including risk analysis and root cause analysis
- Research and propose practical remediation
- Reverse engineering malware, data obfuscators, or ciphers
- Source code review for control flow and security flaws
- Strong knowledge of tools used for wireless, web application, and network security testing
- Thorough understanding of network protocols, data on the wire, and covert channels
- Ability to convey results clearly in formal technical reports and deliver briefings
- Must be eligible to work in the US without sponsorship
- Ability to work onsite in NYC
- Ability to travel up to 40%
- Reliable team player
- Independent / capable of working effectively and efficiently with minimal supervision
- Strong time management skills
- Highly organized and detail oriented
- Ability to successfully interface with clients (internal and external)
- Ability to document and explain technical details in a concise, understandable manner
- Ability to manage and balance own time among multiple tasks, and lead junior staff when required
- Offensive Security Web Expert (OSWE) or SANS GIAC Web Application Penetration Tester (GWAPT) Certification
All your information will be kept confidential according to EEO guidelines.