STS Cyber Defense Security Engineer, Mandiant, ...
@ Google

Addison, Texas, United States
On Site
Posted 4 days ago

Job Details

Minimum Qualifications

  • Bachelor's degree in Computer Science, Information Systems, Cyber-security, or related technical field, or equivalent practical experience.
  • Minimum 3 years of experience in a Detection Engineering or related role.
  • Experience with detection tuning and creation using various security tools (e.g., SIEM, EDR, or NDR tools).

Preferred Qualifications

  • Certifications: CompTIA Security+, CompTIA Network+, CCNA, CISSP, GSEC, GCIH, GCED, GCFA, GCIA, GNFA, GPEN.
  • Experience with additional security platforms such as WAF, MFA, Privilege Access Management, TVM scanner, SIEM.
  • Knowledge of scripting languages such as PowerShell and Python.
  • Understanding of cyber defense operations including incident response, containment, remediation, threat intelligence, or security architecture.
  • Understanding of logging for common platforms and devices, including operating systems, Linux, and network equipment.
  • Excellent written and verbal communication skills.

About the Job

The STS Cyber Defense Security Engineer is responsible for enabling and maintaining the technology and tools required for daily operations within a Cyber Defense Center (CDC). As part of Google Cloud and Mandiant, you will collaborate with cross-functional teams including Mandiant Security Architects, Analysts, Client IT, and other stakeholders to define requirements and deliver recommendations for CDC support.

The role involves maintaining client Endpoint Detection and Response (EDR), creating detection content, identifying areas for improvement, and configuring related SOC technologies to ensure effective incident detection and response.

This position is part of a highly technical team in a rapidly changing environment, focused on protecting customer data and corporate assets. Mandiant is known for its advanced threat intelligence, incident response expertise, and trusted frontline cyber defense experience.

Compensation

The US base salary range for this full-time role is $108,000-$155,000 plus bonus, equity, and benefits. Compensation is determined by location, skills, experience, and education/training. Note that base salary does not include bonus, equity, or benefits.

Responsibilities

  • Identify challenges in customer Cyber Defense Centers and formulate improvement strategies.
  • Create and modify EDR and SIEM use cases and detection logic using cyber threat intelligence.
  • Provide expertise on EDR, SIEM, and other SOC technologies to support incident response.
  • Measure and improve alert fidelity with metrics, tuning requests, and incident-specific logic.
  • Collaborate with client stakeholders to resolve security issues.

Key skills/competency

  • Cyber defense
  • EDR
  • SIEM
  • Detection engineering
  • Incident response
  • Threat intelligence
  • Security operations
  • Configuration management
  • Scripting
  • Collaboration

How to Get Hired at Google

🎯 Tips for Getting Hired

  • Customize resume: Highlight cybersecurity and detection skills.
  • Tailor cover letter: Focus on EDR and SIEM expertise.
  • Research Google Cloud: Review its cybersecurity culture and projects.
  • Prepare examples: Detail incident response and threat detection scenarios.

📝 Interview Preparation Advice

Technical Preparation

  • Review EDR and SIEM technologies documentation.
  • Practice scripting in Python and PowerShell.
  • Study detection logic and Sigma use cases.
  • Research cyber defense incident response frameworks.

Behavioral Questions

  • Describe a cybersecurity challenge you solved as part of a team.
  • Explain a time you improved detection logic.
  • Discuss how you handled complex incident response scenarios.
  • Detail your collaboration with cross-functional technical teams.
