... and Mandiant into SIEM rules, IPS signatures, and automated enrichment logic. 5 Preferred Experience operationalizing threat intelligence by converting indicators and TTPs from Recorded Future ...
While experience with Mandiant Security Validation Tool would be great, we'll train you on the tool if you have a solid foundation in cybersecurity. We're vendor neutral security engineers providing ...
Jr. Soc Analyst
Vienna, VA · On-site
Conduct research and analysis of Mandiant MD5 hashes within the Tanium console to detect potential malicious activity, communicating findings to Senior Incident Response Analysts. Proactively monitor ...
Preferred : • Experience configuring and utilizing enterprise SIEM platforms. • Understanding of OS auditing (Syslog, Windows Event Logs). • Experience with Mandiant Security Validation or ...
Sr. Security Vulnerability Analyst
Washington, DC · On-site
$108K - $141K/yr
Required : • 5+ years of hands-on vulnerability management experience that includes use of technologies such as Tenable Nessus, GitLab vulnerability scanning features, Fortify, Invicti, Mandiant ...
Cybersecurity Application Support Specialist w/Splunk
Washington, DC · On-site
$135K - $150K/yr
... Mandiant Security Verification, and SightGain. • The Application Support Specialist and the Systems Engineer will probably be required to back each other up and backup the incumbent Cybersecurity ...
Machine Learning Engineer
New York, NY · On-site
Backed by strong investor support and early customer traction, our team is composed of experts from OpenAI, Meta, Mandiant, Palantir, Cruise, Trail of Bits, and Aptiv. About this Role We are seeking ...
Cybersecurity Application Support Specialist w/Splunk
Dallas, TX · On-site
$135K - $150K/yr
... Mandiant Security Verification, and SightGain. • The Application Support Specialist and the Systems Engineer will probably be required to back each other up and backup the incumbent Cybersecurity ...
... Mandiant MSV, etc. * 3+ years of hands-on vulnerability management experience that includes cloud resident technologies in Amazon Web Services, Microsoft Azure, Service Now, etc. * Hands on ...
... and Mandiant, to enrich investigations, validate indicators, and map activity to MITRE ATT&CK. 5 - Preferred - Hands-on experience using Cyware CSAP for incident orchestration ...
Sr. AI Security Vulnerability Analyst
Washington, DC · On-site
$108K - $142K/yr
... Mandiant MSV, etc. * 3+ years of hands-on vulnerability management experience that includes cloud resident technologies in Amazon Web Services, Microsoft Azure, Service Now, etc. * Hands on ...
Proficiency with threat intelligence platforms, including Recorded Future, ThreatMon, GreyNoise, Google Threat Intelligence, VirusTotal, and Mandiant, to enrich investigations, validate indicators ...
Senior Detection Engineer #3279
$94K - $129K/yr
Experience with intelligence platforms like Recorded Future, GreyNoise, or Mandiant a plus * Familiarity with SOAR tools, particularly Cyware, for automated SOC workflows a plus * Comfortable serving ...
SRE/Infrastructure Engineer
New York, NY · On-site
$180K - $250K/yr
Backed by strong investor support and early customer traction, our team is composed of experts from OpenAI, Meta, Mandiant, Palantir, Cruise, Trail of Bits, and Aptiv. About this Role We are seeking ...
... Mandiant, to enrich investigations, validate indicators, and map activity to MITRE ATT&CK. 5 Preferred Hands-on experience using Cyware CSAP for incident orchestration, automated enrichment, case ...
Job Summary : Google is seeking a Lead of Threat Operations Support to oversee the Threat Operations Support team within Google Cloud. This role involves managing project goals, collaborating with ...
Senior Detection Engineer
San Antonio, TX · On-site
$95K - $130K/yr
Experience with intelligence platforms like Recorded Future, GreyNoise, or Mandiant a plus * Familiarity with SOAR tools, particularly Cyware, for automated SOC workflows a plus * Comfortable serving ...
... Mandiant, to enrich investigations, validate indicators, and map activity to MITRE ATT&CK. 5 Preferred Hands-on experience using Cyware CSAP for incident orchestration, automated enrichment, case ...
Mandiant information
Wage distribution (wage range: share of jobs):
- $23.56 - $35.23: 57% of jobs
- $35.23 - $46.90: 14% of jobs
- $46.90 - $58.57: 0% of jobs
- $58.57 - $70.24: 0% of jobs
- $70.24 - $81.91: 0% of jobs
- $81.91 - $93.58: 0% of jobs
- $93.58 - $105.24: 0% of jobs
- $105.24 - $116.91: 0% of jobs
- $116.91 - $128.58: 6% of jobs
- $128.58 - $140.25: 8% of jobs
- $140.25 - $151.92: 14% of jobs
$28.70 is the 25th percentile. Wages below this are outliers.
$124.21 is the 75th percentile. Wages above this are outliers.
What is a Mandiant job?
A Mandiant job typically refers to roles within Mandiant, a cybersecurity company known for threat intelligence, incident response, and cybersecurity consulting. Employees at Mandiant work to protect organizations from cyber threats by investigating incidents, analyzing threats, and improving security strategies. Positions range from security consultants to intelligence analysts and engineers, requiring expertise in cybersecurity, digital forensics, and threat intelligence.
What are the key skills and qualifications needed to thrive in the Mandiant position, and why are they important?
To thrive in a role at Mandiant, candidates typically need strong expertise in cybersecurity, incident response, and threat intelligence, often supported by a degree in computer science, information security, or equivalent experience. Hands-on familiarity with tools such as SIEM platforms, endpoint detection and response solutions, and certifications like CISSP, CEH, or GIAC are commonly required. Analytical thinking, effective communication, and teamwork differentiate outstanding professionals in this field. These skills and qualities are critical to accurately identify, investigate, and mitigate sophisticated cyber threats in high-pressure situations.
What are the typical day-to-day activities for someone working in a cybersecurity role at Mandiant?
Professionals working at Mandiant can expect to spend their days investigating cybersecurity incidents, conducting threat analyses, and collaborating with clients to improve their security posture. Daily tasks often include analyzing network traffic, responding to ongoing security breaches, preparing detailed reports, and advising clients on mitigation strategies. Team members work closely with other cybersecurity experts, client IT teams, and occasionally law enforcement to gather intelligence and coordinate defense efforts. The role offers a highly dynamic environment where adaptability and continual learning are essential, making each workday both challenging and rewarding.
Other
Medical, Life, Retirement
Posted 10 days ago
Job description
Texas GovLink, Inc. is an Austin-based firm which has been a leading provider of technical and business professionals to clients in Texas. We are currently seeking an experienced Security Operations Engineer to be a key resource on a technical services team.
Texas GovLink offers its family of consultants excellent rates, a local support staff, and an attractive benefits package which includes medical insurance (TGL shares a percentage of the cost), life insurance, a matching 401(k) plan and a cafeteria plan.
Candidates selected for interview will be required to undergo criminal background checks and may be required to complete a drug screen in accordance with Federal and State Law. Offers of Employment are contingent on a successful background check.
Texas GovLink is an equal opportunities employer.
Responsibilities
- Engineer, maintain, and tune SIEM platforms (Google SecOps, Gravwell), including correlation rules, dashboards, enrichment logic, and detection content.
- Configure, tune, and optimize IDS/IPS technologies (Corelight, TippingPoint, Cisco Firepower), including signature development and false-positive reduction.
- Perform packet capture (pcap) analysis to validate alerts, identify malicious traffic, and support investigations using NetWitness or Corelight.
- Conduct network traffic analysis to detect anomalies, lateral movement, and command-and-control activity.
- Strong understanding of network security architecture, including distributed sensors (Corelight), packet capture systems (NetWitness), and log pipelines (CRIBL, Gravwell, Google SecOps).
- Operationalize threat intelligence feeds within SOC platforms and customers, converting indicators into detection logic, correlation rules, and automated enrichment workflows.
- Continuously tune detection content based on intelligence-driven insights, improving alert fidelity and reducing false positives across statewide monitoring.
- Develop and maintain orchestration playbooks within Cyware, integrating SIEM, EDR, threat intelligence, and ticketing systems to support statewide monitoring expansion and rapid incident handling.
- Support SOC operations by providing detection engineering, log onboarding, and data normalization.
- Develop and maintain network security monitoring infrastructure, including sensors, collectors, and log pipelines.
- Collaborate with Incident Responders to provide network-level evidence, context, and threat validation.
- Produce engineering reports, tuning documentation, and platform health assessments.
- Implement detection logic aligned with MITRE ATT&CK, threat intelligence, and emerging adversary behaviors.
- Produce engineering documentation, tuning reports, platform health assessments, and detection coverage maps using data from Firepower, TippingPoint, Corelight, NetWitness, Microsoft Sentinel, and Google SecOps
Minimum Requirements:
Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity.

| Years | Required/Preferred | Experience |
|---|---|---|
| 5 | Required | SOC operations experience |
| 5 | Required | Hands-on experience with IDS/IPS platforms, specifically Cisco Firepower and TippingPoint, including signature tuning, false-positive reduction, and threat-driven detection improvements. |
| 5 | Required | Advanced packet capture (pcap) and network analysis skills using Corelight, NetWitness, and CRIBL pipelines to identify anomalies, malicious traffic, and lateral movement. |
| 5 | Required | Experience maintaining and tuning EDR platforms, including CrowdStrike Falcon and SentinelOne, and integrating EDR telemetry into SIEM and orchestration workflows. |
| 5 | Required | Threat intelligence application expertise |
| 5 | Required | Develop detection logic aligned with adversary TTPs |
| 6 | Preferred | Experience operationalizing threat intelligence by converting indicators and TTPs from Recorded Future, ThreatMon, GreyNoise, Google Threat Intelligence, VirusTotal, and Mandiant into SIEM rules, IPS signatures, and automated enrichment logic. |
| 5 | Preferred | Experience operationalizing threat intelligence by converting indicators and TTPs from Recorded Future, ThreatMon, GreyNoise, Google Threat Intelligence, VirusTotal, and Mandiant into SIEM rules, IPS signatures, and automated enrichment logic. |
| 5 | Preferred | Perform packet-level analysis to validate alerts and identify malicious activity |
| 5 | Preferred | Serves as an escalation SOC analyst to support other SOC analysts and incident responders with enriched network-level intelligence |
| 5 | Preferred | Proficiency with Google SecOps and Cyware (SOAR) orchestration, including building automated workflows that integrate SIEM, IDS/IPS, EDR (CrowdStrike, SentinelOne), threat intelligence, and Jira ticketing for SOC automation |
| 4 | Preferred | Security Certifications Preferred (CISSP, CEH, GISF, GSEC, CySA+, Sec+) |
Employment Type: OTHER