Consultant, Red Team, Mandiant Consulting

About the Consultant, Red Team, Mandiant Consulting Role at Google

In this pivotal role, you will deliver cybersecurity consulting services and support to Google's clients, focusing on assessing and advising on technical and process-based controls across various environments. You will be instrumental in performing Red and Purple team assessments, which include sophisticated adversarial emulation of cyber attacks against customer organizations, as well as other technical cyber assessments like external engagement, web application, mobile, and wireless security testing.

You will also contribute to expanding the team's capabilities through innovative tool creation, conducting research on offensive security techniques, integrating threat actor intelligence, and fostering knowledge share through internal presentations. As a trusted advisor, you will develop comprehensive and accurate reports and presentations tailored for both technical and executive audiences, providing strategic guidance to C-level executives, security leaders, and other customer stakeholders. Additionally, you will assist in scoping prospective engagements, lead teams from kickoff through remediation, and actively mentor other staff, enhancing the overall expertise of the Mandiant Consulting team.

Responsibilities

• Perform offensive technical cybersecurity engagements of a varied nature.
• Interface with clients to address concerns, issues, or escalations, ensuring timely resolution.
• Advise clients on security best practices for remediating discovered issues and vulnerabilities.
• Collaborate with internal teams to expand capabilities and deliver enhanced value to clients.

Minimum Qualifications

• Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or a related technical field, or equivalent practical experience.
• 3 years of experience assessing and developing cybersecurity solutions across multiple security domains.
• Experience in four or more of the following: network protocols, threat intelligence analysis, system and network administration, project management, developing applications, technical incident response processes, source code review, reverse engineering.
• Experience in offensive security.
• Experience with operating system security across Linux or other operating systems.

Preferred Qualifications

• Certifications related to offensive security including OSCE, OSEP, OSEE, OSCP, CISSP, CISA, or relevant SANS courses.
• Experience working with local sales and management teams in driving consulting business generation, scoping, or client management.
• Experience in creating security tools and understanding underlying programming languages (such as Python, C#, C/C++, Rust, Nim, or similar).
• Ability to communicate technical details through reporting and presentations to both technical and executive audiences.
• Excellent communication, collaboration, and public speaking skills.

Key skills/competency

• Offensive security
• Adversarial emulation
• Cybersecurity consulting
• Threat intelligence
• Incident response
• Network protocols
• System security
• Tool creation
• Client advisory
• Technical reporting