Incident Response Security Consultant, Mandiant, Google Cloud

About the Job

As an Incident Response Security Consultant, Mandiant, Google Cloud, you will deliver industry-leading incident response, assessment, transformation, managed detection and response, and training services with in-depth tactical support. This role involves helping organizations effectively detect and respond to threats, thereby reducing the overall impact of business risk before, during, and after an incident. You will be instrumental in resolving security incidents swiftly and effectively, encompassing investigation, containment, remediation, and crisis management.

Your engagements will include assisting clients with technically high-profile incidents, performing forensic analysis, threat hunting, and malware triage. You will continuously analyze existing and emerging threat actors, identifying their rapidly changing tools, tactics, and procedures. A key part of your role will be understanding evolving attacker behavior and motivations, managing large client-facing projects, and mentoring other security consultants.

Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence, and incident response services. Mandiant’s cybersecurity expertise has earned the trust of security professionals and executives worldwide. Our unique combination of renowned frontline experience, nation-state grade threat intelligence, machine intelligence, and industry-best security validation ensures unparalleled insight into today’s advanced threats.

Responsibilities

• Collaborate with internal and customer teams to investigate and contain security incidents.
• Recognize and codify attacker Tools, Tactics, and Procedures (TTPs) and Indicators of Compromise (IOCs) applicable to current and future investigations.
• Conduct host forensics, network forensics, log analysis, and malware triage as part of incident response investigations.
• Participate in client-facing incident response engagements, examining cloud, endpoint, and network-based evidence sources to investigate and contain incidents.
• Build scripts, tools, or methodologies to enhance Mandiant’s incident investigation processes and capabilities.

Minimum Qualifications

• Bachelor's degree in Computer Science, Information Systems, Cybersecurity, a related technical field, or equivalent practical experience.
• 3 years of investigative experience in network forensics, malware triage analysis, cloud forensics, or disk and memory forensics.
• 3 years of experience working in end-to-end incident response investigations, analysis, or containment actions.
• Ability to travel up to 30% of the time as required.
• Ability to communicate fluently in English to work with internal partners and customer teams.

Preferred Qualifications

• Experience in cloud incident response or forensics.
• Experience in security competitions, Capture the Flags (CTFs), or testing platforms such as Hack The Box, TryHackMe, OverTheWire, etc.
• Ability to communicate investigative findings and strategies to technical staff, executive leadership, legal counsel, and internal and external clients.
• Excellent time and project management skills.

Key Skills/Competency

• Incident Response
• Cybersecurity
• Digital Forensics
• Threat Intelligence
• Malware Analysis
• Network Forensics
• Cloud Security
• Log Analysis
• Containment
• Remediation