Technical Intelligence Analyst Internships - Summer 2020
FireEye is the leader in intelligence-led security-as-a-service. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,000 customers across 67 countries, including more than 45 percent of the Forbes Global 2000.
FireEye Threat Intelligence is a proactive, forward-looking means of qualifying threats poised to disrupt your business based on the intents, tools, and tactics of the attacker. Our high-fidelity, comprehensive intelligence delivers visibility beyond the typical attack lifecycle, adding context and priority to global threats before, during, and after an attack.
Interns in this position will perform malware analysis or other related technical analysis tasks in support of FireEye Threat Intelligence.
- Track malware, malicious campaigns, or actors through technical analysis of data, malicious codes, exploits, and infrastructure.
- Perform reverse engineering and behavioral analysis of malicious codes and related artifacts.
- Collaboratively and independently write reports documenting findings that intelligence customers can use to better understand malicious activity and how to defend themselves.
Candidates are not expected to have all the necessary skills, knowledge, and experience coming in, but are generally able to demonstrate a solid understanding of one or more of the basic capabilities required to perform malware analysis and related technical analysis functions. Interns will be receiving informal on-the-job training to provide specific subject matter expertise, but successful candidates will also need to demonstrate their ability to proactively learn designated subject matter and roles relatively easily. Internship candidates will be asked to perform a simple evaluation task during the candidate selection process to assess their capability.
Beneficial experience, skills, and knowledge could include the following:
- Ability to demonstrate a basic understanding of malware analysis or reverse engineering concepts and related tool sets:
- Network sniffers
- Process analysis tools
- Registry analysis tools
- File analysis tools
- Memory analysis tools
- Disassemblers and Debuggers
- Understanding of how computers and their underlying systems work (e.g. authentication mechanisms, file systems, common forensic artifacts, encryption, encoding, obfuscation, etc…)
- Understanding of common strategies actors have taken to compromise and attack computing systems
- Understanding of network traffic and fundamental networking/communication protocols such as BGP, DNS, HTTP, TLS/SSL, SMTP, etc…
- Awareness of currently-prominent cyber threats, malware, and computer exploitation tactics
In addition to the above technical expertise, the following basic qualifications are also desired:
- Previous experience or knowledge of cybersecurity concepts, including the cyber threat landscape, common tactics, techniques, and procedures (TTPs), and threat actor/group tracking
- Ability to demonstrate comprehensive, practical knowledge of research and collection skills as well as analytic methods
- Ability to assess and analyze information from various sources to develop actionable intelligence
- Strong writing skills with ability to communicate clearly and efficiently
- Strong interpersonal skills and ability to collaborate in a team environment
- Experience with analyzing large data sets to identify notable conclusions or actionable trends for reporting
- Open-source intel experience
All your information will be kept confidential according to EEO guidelines.