Deployment and Integration Security Consultant

Job Description

The Deployment and Integration Consultant is responsible for enabling FireEye customers to protect their networks, systems, and data using FireEye tools and SIEM technology to combat advanced attackers. As such, you will work directly with customers to implement defensive, highly customized security use cases using FireEye and other security products. You will also help customers integrate FireEye products into their security operations processes and assist them in understanding threats identified by FireEye products. You will represent the company in customer accounts, continue to advance your security expertise and experience, and work within a team to achieve successful outcomes for FireEye customers.

• Work with strategic customer accounts on product related consulting services
• Provide deployment and configuration for the FireEye suite of products
• Provide security consulting services for recommended configurations of FireEye Endpoint Security based on customer’s environment and security requirements
• Provide security consulting services for endpoint security hardening on Windows and UNIX/Linux systems, Active Directory GPO configurations, and implementation of security standards regarding endpoint security (e.g. NIST and CIS)
• Integrate FireEye products with FireEye and third-party SIEM technologies and other security products in the customer’s security stack
• Create Security Operations Standard Operating Procedures around FireEye products including procedures for incident response, IOC sweeping, forensic analysis, disaster recovery, workflow and process diagrams
• Develop custom reports / dashboards and other custom configurations / use cases that leverage FireEye products and other data sources within the customer’s environment
• Manage and lead projects with direct customer interaction
• Work with strategic customer accounts on product related consulting services
• Provide deployment and configuration services for the FireEye suite of products
• Support regional sales staff in technical discussions with customers
• Provide information security expertise and guidance appropriate for an enterprise network
• Maintain current knowledge of tools and best-practices in combatting advanced persistent threats; including tools, techniques, and procedures (TTPs) of attackers and tools and processes for forensics and incident response

Qualifications

• At least 1 year in a security operations role, investigating and responding to alerts
• At least 2 years of experience configuring, managing, and using one or more Endpoint Detection and Response (EDR) products
• Current knowledge of security threats, solutions, security tools and network technologies
• Experience with SCCM and other agent push and distribution technologies
• Extensive knowledge of Windows internals and tools specific to processes, jobs, memory management, I/O, etc.
• Working knowledge of enterprise security controls in Active Directory / Windows environments
• Working knowledge of Windows and UNIX/Linux endpoint hardening and security control enforcement
• Working knowledge of security operations center processes and technologies including SIEM, case management, etc.
• Working knowledge of security infrastructure and related technologies (proxies, firewalls, email filtering technologies, and network intrusion detection systems)
• Experience with virtualized environments like VMWare or VirtualBox
• Experience with cloud providers such as Microsoft Azure, AWS, and GCP
• Ability to use ticketing systems like ServiceNow and JIRA
• Experience and knowledge of network protocols, packet flow, TCP and UDP traffic
• Experience with various log formats such as JSON, Syslog, CEF, XML, and other industry standard message formats
• Familiarity with at least one query language like SQL, MySQL, SPL, etc., desired
• Experience with scripting languages such as PowerShell or Python, highly desired
• Experience with FireEye security products, highly desired
• Excellent communication and presentation skills, with the ability to present to a variety of internal and external audiences
• Ability to handle multiple projects with limited oversight from project managers
• Ability to build strong client relationships and to interact effectively at all levels of the customer’s organization, including senior executives
• Ability to set and manage expectations with senior stakeholders and team members
• Must be willing to travel up to 50% once travel restrictions are lifted

Additional Information