Deployment and Integration Enterprise Security Consultant (BB-11747)
Found in: Neuvoo AU
Deployment and Integration Enterprise Security Consultant
Company DescriptionFireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. Learn more about FireEye's world-class solutions and global footprint at
The Deployment and Integration Security Consultant is responsible for enabling FireEye customers to protect their networks, systems, and data using FireEye technology to combat advanced attackers. As such, you will help customers deploy and configure FireEye products in complex enterprise environments and work with customers to integrate FireEye products into their security operations processes. As a FireEye consultant, you will represent the company in customer accounts, continue to advance your security expertise and experience, and work within a team to achieve successful outcomes for FireEye customers
· Work with strategic customer accounts on product related consulting services
· Provide deployment and configuration for the FireEye suite of products
· Develop custom reports and dashboards and implement custom configurations / use cases for the FireEye security solution within customer environments
· Provide security consulting services for endpoint security hardening on Windows and UNIX/Linux systems, Active Directory GPO configurations, and implementation of security standards regarding endpoint security (e.g. NIST and CIS)
· Integrate FireEye products with FireEye and third-party SIEM technologies and other security products in the customer’s security stack
· Create Security Operations Standard Operating Procedures around FireEye products including procedures for incident response, IOC sweeping, forensic analysis, disaster recovery, workflow and process diagrams
· Support regional sales staff in technical discussions with customers
· Create process documentation around FireEye platform and suite products including incident response, IOC hunting, forensic analysis, workflow, and process diagrams.
· Conduct In-depth product workshop with customers on different FireEye solutions.
· Assist customers in planning and implementing integrations between the FireEye technology and other network and security tools
· Provide information security expertise and guidance appropriate for an enterprise network
· Manage and lead projects with direct customer interaction
· Contribute to best practices documentation and technical notes for internal and external distribution
· Maintain current knowledge of tools and best-practices in combatting advanced threats; including tools, techniques, and procedures (TTPs) of attackers and tools and processes for forensics and incident response.
· At least 1 year in a security operations role, investigating and responding to alerts
· At least 2 years of experience configuring, managing, and using one or more Endpoint Detection and Response (EDR) products
· Experience with SCCM and other agent push and distribution technologies
· Extensive knowledge of Windows internals and tools specific to processes, jobs, memory management, I/O, etc.
· Working knowledge of enterprise security controls in Active Directory / Windows environments
· Working knowledge of Windows and UNIX/Linux endpoint hardening and security control enforcement
· Working knowledge of security operations center processes and technologies including SIEM, case management, etc.
· Working knowledge of security infrastructure and related technologies (proxies, firewalls, email filtering technologies, and network intrusion detection systems)
· Experience with virtualized environments like VMWare or VirtualBox
· Experience with cloud providers such as Microsoft Azure, AWS, and GCP
· Ability to use ticketing systems like ServiceNow and JIRA
· Experience and knowledge of network protocols, packet flow, TCP and UDP traffic
· Experience with various log formats such as JSON, Syslog, CEF, XML, and other industry standard message formats
· Familiarity with at least one query language like SQL, MySQL, SPL, etc., desired
· Experience with scripting languages such as PowerShell or Python, highly desired
· Experience with FireEye security products, highly desired
· Excellent communication and presentation skills, with the ability to present to a variety of internal and external audiences
· Ability to handle multiple projects with limited oversight from project managers
· Ability to build strong client relationships and to interact effectively at all levels of the customer’s organization, including senior executives
· Experience in creating Low Level Design (LLD) and High-level Design Documentation (HLD).
· Ability to set and manage expectations with senior stakeholders and team members
· Must be willing to travel up to 40% once travel restrictions are lifted
· Understanding of security infrastructure (proxies, firewalls, email filtering technologies, and network intrusion detection systems)
· Current knowledge of security threats, solutions, security tools and network technologies
· Excellent knowledge of security solutions and technologies, including: Linux based tools, network and endpoint solution architecture/implementation/configuration
· Experience conducting analysis of packet captures, log data, and network devices in support of intrusion analysis or enterprise-level information security operations.
· Experience configuring, managing, and using one or more SIEM / SOAR products.
calendar_today22 hours ago