Senior Security Researcher (Remote US)

  • Anywhere

Company :
FireEye Inc

Location :
Denver, Colorado

Expiry Date :
Mon, 16 Nov 2020 23:59:59 GMT

Apply Job :
Open Link

Description :

FireEye is the intelligence-led security company. Working as a seamless,
scalable extension of customer security operations, FireEye offers a single
platform that blends innovative security technologies, nation-state grade
threat intelligence, and world-renowned Mandiant consulting. With this
approach, FireEye eliminates the complexity and burden of cyber security for
organizations struggling to prepare for, prevent, and respond to cyber attacks.
Learn more about FireEye’s world-class solutions and global footprint at https:


Does finding new intrusions give you goosebumps? Do you get juiced when
learning and sharing info about new attacks with your peers, your clients, and
with the world? Are you hungry to track threat actors, curate threat data, work
with a range of other teams, and most importantly, elevate the discovery of new
and interesting things to FireEye and to the public?

Advanced Practices is finding net-new evil across all FireEye customers, and
we're looking for tenacious researchers who love the thrill of the hunt to
join our team. As a Senior Security Researcher, you will be part of the
Advanced Practices team focused on reverse-engineering adversary tradecraft and
operationalizing what we learn for the highest echelon of subversive threats.

The best candidate will be driven to discover new intrusion activity and find
creative ways to distil the voluminous threat data from our weak signals down
to new and interesting findings for our clients. When we find new things, it is
important to drive that knowledge into FireEye and, when possible, into the
public through blogs and contributions into other notable forums such as public
threat analysis frameworks. We encourage giving back to the security community
and strongly support sharing of expertise. Our team members are encouraged to
author whitepapers, develop free tools, and speak at conferences as well.


FireEye's Advanced Practices team was created in 2015 to track and respond to
the most difficult threats facing our clients and our own company. Our team of
experts works together to track, correlate, attribute, and detect attacker
activity using advanced analysis and deep research into adversary methods.
Advanced Practices codifies and makes actionable the knowledge from thousands
of Mandiant incident response cases, Managed Defense engagements, and all
significant evil from over 6,000 global FireEye product clients.

Illumination. Advanced Practices shines light in the darkest corners to expose
and amplify complex adversary activity. We search for the nearly imperceptible
traces of attackers wherever we can find them, and we seek to surface their
activity for action.

Front-line Visibility. Our team of 25+ talented security researchers and threat
analysis professionals brings decades of experience investigating intrusions,
analyzing malware, and dissecting digital artifacts to deliver front-line
innovation in FireEye's products and services.

Threat Discovery. Our goal is simple: to know the most about adversaries and
make this knowledge actionable. Advanced Practices enables early discovery and
analysis of adversary operations and their tradecraft so that our customers are

It's How That Works. Our team studies the world's most impactful intrusions
from the front-lines of FireEye Mandiant and Managed Defense to understand how
apex attackers operate. Our focus on technical evidence and how our adversaries
operate powers the engine that highlights who our adversaries are.

Surfacing the Unseen. You say hunting, we say Detectrum. We look for unique
features and common adversary methods across all intrusions and malware so we
can develop resilient monitoring, detection, and discovery of attacker
activity. We set proactive traps and develop threat signals to capture real-
time and historic adversary activity from important, evasive, and emerging

* Lay the foundation: research, model, and integrate threat data
* Build the layers: search through telemetry to find new intrusions,
malware and tradecraft
* Assemble the dish: notify our clients and affected orgs, close detection
* Icing on the cake: push research findings from the team into blogs and
other public formats when applicable

* Hunt for emerging threat activity across all available FireEye telemetry:
discover net-new malware families, intrusion activity, and suspicious
events associated with Advanced Practices and notify our customers
* Analyze technical threat data to extract TTPs, malware techniques and
adversary methods with low (or no) detections, and help close those gaps
within the FireEye platform
* Drive FireEye detections and technology through threat expertise and
* Provide threat context and integration support to multiple FireEye
service lines
* Provide threat research and context to global service delivery for
Mandiant investigations
* Perform threat research and analysis during high-severity cyber-attacks
impacting FireEye customers globally

* 2+ years of experience in an analytical role of either network
forensics, threat analyst, or security consultant/engineer
* 2+ years of experience in Investigative or Incident Response
* 2+ years of experience with direct delivery of technical information to
clients or public in reports or presentations
* Technical experience in at least three of the following areas:
o Detection engineering with experience in pattern-matching languages
(OpenIOC, Yara, Snort/Suricata, or similar signature framework)
o Windows disk and memory forensics
o Network Security Monitoring (NSM), network traffic analysis, and
log analysis
o Unix or Linux disk and memory forensics
o Basic Static and dynamic malware analysis
o Applied knowledge in at least one scripting or development language
(such as Python)
o Understanding of enterprise security controls in Active Directory /
Windows environments
o Tracking threats in an intelligence function

* Strong analytical leadership skills with the ability to prioritize and
* Ability to set and manage expectations with senior stake-holders and team
* Strong problem solving, troubleshooting, and analysis skills
* Experience working in fast-paced development environments
* Excellent inter-personal and teamwork skills
* Self-driven, proactive, hardworking, creative, team-player
* Excellent communication and presentation skills with the ability to
present to technical and non-technical audiences
* Exceptional written communication skills

Additional Information

At FireEye we are committed to our #OneTeam approach combining diversity,
collaboration, and excellence. All qualified applicants will receive
consideration for employment without regard to race, sex, color, religion,
sexual orientation, gender identity, national origin, protected veteran status,
or on the basis of disability. Requests for accommodation due to disability can
be sent directly to [email protected]