Role Overview

Team/Org Overview

The Mandiant Threat Defense Security Analyst team monitors, detects, and responds to cyber-attacks for many of the world's top companies. Analysts apply security and response expertise alongside threat intelligence to deliver high-impact services to Mandiant Threat Defense customers, including actionable recommendations and compromise reports.

The team is responsible for triaging security alerts, conducting forensic investigations, and producing technical reports. They utilize tools such as Google SecOps and Splunk to analyze telemetry and identify events, communicating findings through detailed reports.

Top 3 Key Skills Required

- Proficiency with one or more EDR tools (e.g., HX, SentinelOne, Microsoft Defender for Endpoint, CrowdStrike)
- Proficiency with NDR tools (e.g., NX, Corelight, Palo Alto NGFW)
- Strong log analysis skills to investigate and scope security incidents

Experience & Requirements

- Minimum experience: at least two years in cybersecurity
- Hands-on cybersecurity experience is essential
- Experience with EDR (Endpoint Detection and Response) and NDR (Network Detection and Response) tools
- Strong understanding of the network stack, HTTP, and common network protocols
- Knowledge of the typical attack lifecycle, with a focus on endpoint and network technologies
- Familiarity with endpoint analysis

Key Focus Areas for Shortlisting

To support the hiring manager's priorities, please prioritize candidates with demonstrable, hands-on investigation experience, not just conceptual familiarity with tools. Specifically, candidates should be able to:

- Investigate alerts generated by EDR/NDR tools
- Determine root causes of security incidents
- Use EDR logs to analyze host activity and build comprehensive timelines of events

Preferred Certifications

- OSCP
- Blue Team Level 1 or Level 2

Preferred Backgrounds

Candidates from companies such as Huntress or CrowdStrike are especially strong profiles to consider.