Thursday, March 17, 2011

Bejtlich Joining MANDIANT as CSO and Security Services Architect

In June 2007 I posted that I was joining General Electric as Director of Incident Response. Since then I helped build and lead GE-CIRT from an "army of one" into a team of 40 analysts. It was an honor and a privilege to work with my team, but today I am announcing that I've accepted a new challenge.

Effective 1 April I will be Chief Security Officer and Security Services Architect for MANDIANT, where I will build teams, tools, and capabilities to provide managed detection and response services. You can read the press release at the MANDIANT Web site or Businesswire if you're so inclined, as well as a MANDIANT blog post.

I am really looking forward to this new opportunity. I worked for Kevin Mandia in 2002-2004 with Foundstone and for Travis Reese in 2004-2005 at ManTech International Corp.'s CFIA division. When I left ManTech to concentrate 100% on TaoSecurity, the first consulting I did was for Red Cliff, the precursor to MANDIANT. I also know many current members of the MANDIANT team from those three roles and subsequent relationships.

I believe in MANDIANT's mission and vision, which is important to me. While I enjoyed defending one enterprise with my old team, at MANDIANT I will be able to assist multiple organizations. As a member of the MANDIANT executive team I will also help set the direction for the company and will be able to work with the product, consulting, training, and managed services groups.

While many of you are familiar with MANDIANT's famous incident response consulting force, you may not be aware that the company continues to build a managed services team to provide dedicated, long-term detection and response options. By the end of the second quarter I expect my colleagues and I in the security services group to be announcing new job opportunities for those who enjoy hunting digital intruders. MANDIANT is already hiring aggressively for security talent, so keep your eyes on the job site for more information.

As you might expect, I plan to continue writing TaoSecurity Blog and sending TaoSecurity Tweets. I will still provide training such as TCP/IP Weapons School, but I expect to keep the same low number of classes as was the case with my previous employer. Currently I will be teaching at GTEC in DC on 31 May - 1 June, and then at Black Hat USA 30-31 July and again on 1-2 August. Two classes for USENIX this summer are still in coordination.

I enjoyed interacting with all of you over the last four years wearing my old hat, and I look forward to staying in touch via social media and at conferences in my new role! Thank you.

16 comments:

Anonymous said...

Congradulations! I might have selected April 4 instead of April 1 as a start date though. ;)

Richard Bejtlich said...

I wanted to avoid a lapse in health care coverage. Blame our system! :)

Anonymous said...

April Fools?

Jeffrey Carr said...

That's great news, Richard. Congratulations. I think you'll make a great addition to Mandiant's team.

Richard Bejtlich said...

It's for real. This isn't an elaborate hoax. I have neither the time nor the inclination!

hogfly said...

Richard,
History disagrees my friend!
http://taosecurity.blogspot.com/2008/04/sguil-project-acquired-by-cisco.html

We'll miss you.

Richard Bejtlich said...

Hogfly, we had to do ONE hoax, but this announcement is real. :)

caner said...

Congratulations. I wish you all the best at your new position.

Regards,
Caner

Anonymous said...

Congratulations. You are all fortunate to have found each other again. Have fun!

RayK

Jolly said...

Congratulations Richard! :)

Anonymous said...

Wow! Kevin/Travis are gaining the best of the best! Congratulations Richard!

-Rocky

Maurice said...

Congratulations old friend! I am sure you will love the new role.

Maurice

John Ward said...

That's awesome Rich. It's great to see your still constantly trying to broaden your horizons, and still humble enough to share your skills with the public by maintaining the blog and teaching classes. A managed services team? It sounds like your "getting the band back together". Let me know if you need some BI talent for those incident reports ;)

Anonymous said...

Congrats Richard! Hope you enjoy the big M ;-)

c-APT-ure blog author ;-)

Daniel Thanos said...

Good luck Richard!

Jarrod said...

Congratulations on your new role. I hope you relish the challenges and opportunities that lie ahead.

Best wishes for the future!

- J.