- Reston, VA
FireEye is the leader in intelligence-led security-as-a-service. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,000 customers across 67 countries, including more than 45 percent of the Forbes Global 2000.
We are looking for an Information Security intern to join our team in helping to protect FireEye. As a member of the Information Security Operations team, the successful candidate will gain hands-on experience in security monitoring and incident response. They will be responsible for interpreting, analyzing, and correlating complex security events from a distributed and global environment in order to find indicators of compromise. They will also work in close collaboration with internal and external groups to develop new capabilities to improve security situational awareness across the enterprise. This is a technical role in a fast-paced team and requires an individual who can quickly adapt and effectively respond to cyber attacks.
- Identify security issues and risks associated with security events and manage the incident response process
- Participate in the incident response and investigation process for identified security events
- Perform live response data collection and analysis on hosts of interest in an investigation
- Perform network and system forensics in response to security incidents
- Optimize and customize security-monitoring tools in order to improve detection
- Hunt for signs of APT activities
- Automate common security operations workflow
- Maintain and update the security operational workflow
- Monitor for insider threats & respond based on the severity of the threat
- Must be a student, working towards a technical degree such as computer science, computer engineering, or cyber security at an accredited institution
- Have a solid understanding of network protocols and architecture
- Experience with and knowledge of packet flow, TCP/UDP traffic, Security Incident Event Monitoring (SIEM) Tools, IDS technologies (e.g. Snort rules), proxy technologies, antivirus solutions, and other enterprise security operations tools
- Experience solving problems with scripting languages such as Python, Perl, PowerShell, or Bash
- Maintains current knowledge of tools and best practices in advanced persistent threats; tools, techniques, and procedures of attackers; and forensics and incident response
- Understanding of the tactics, techniques and procedures of attackers
- Ability to quickly learn new skills and technologies
- Able to collaborate with cross-functional teams
- A willingness to be challenged and a strong desire to learn
- An open mind, and an appetite for excellence
All your information will be kept confidential according to EEO guidelines.