Job Description

Company Description
Since 2004, Mandiant has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.


Mandiant Security Consulting Services ensures the long-term success of our clients by providing talented, passionate, and specialized security expertise. Our Consultants partner with clients to evaluate, create, develop, improve, and mature information security operations and programs. By utilizing the latest industry standards and combining experience and knowledge gained from Mandiant Incident Response, Intelligence and Managed Defense practices, we are able to develop defense forward information security programs for our clients. As an Information Security Consultant, you will be responsible for helping our clients assess, design and build effective security programs. As an established trusted advisor, you will span operational, tactical, and strategic levels as well as tasks that tackle difficult problems that businesses are facing when building out and improving their security posture. This is an opportunity for you to showcase your strong communication skills and experience in security governance, security risk management, security operations, security architecture, and/or cyber incident response programs. What You Will Do:

• Provide guidance on building and/or maturing information security programs and the implementation of tools and technologies used for enterprise security
• Evaluate client needs, coordinate design for a solution, and clearly communicate the value proposition of complex and highly technical subjects
• Implement and/or assess existing security controls
• Provide knowledge of tools and technologies used for enterprise security
• Interface with clients to address concerns, issues or escalations; track and drive to closure any issues that impact the service and its value to clients

• 3+ years of information security experience
• Experience building information security programs to include hands-on implementation and/or assessment of security controls
• In-depth experience in collecting, analyzing, and escalating security events; responding to computer security incidents, and/or collecting, analyzing, and disseminating cyber threat intelligence
• Knowledge of tools used in penetration testing, security event analysis, incident response, computer forensics, network and endpoint architecture, malware analysis or other areas of security operations
• Understanding of security frameworks, such as ISO 27001, NIST 800-53, HIPAA/HITECH, or PCI DSS Fundamental understanding of networking, including TCP/IP protocols and network topology
• Fundamental understanding of operating systems, including Windows, Linux, and OSX
• Understanding of security controls for common platforms and devices, including Windows, Linux, OSX and network equipment
• Understanding of the components that comprise a successful information security program
• Must be eligible to work in the Canada without sponsorship

• Ability to successfully interface with clients and manage expectations including with C-level executives
• Ability to evaluate customer needs, coordinate design for a solution, and clearly communicate solutions