Red Team Security Consultant

About the Job

As a Red Team Security Consultant at Mandiant, part of Google Cloud, you will be instrumental in assessing and advising clients on technical and process-based controls across diverse environments. This role involves performing Red and Purple Team assessments, including adversarial emulation of cyber attacks, external penetration testing, web application, mobile, and wireless security testing.

You will contribute to expanding the team's capabilities through tool creation, research into offensive techniques, and incorporating threat actor intelligence. Additionally, you will develop comprehensive and accurate reports and presentations for both technical and executive audiences, serving as a trusted advisor to C-level executives, security leaders, and other customer stakeholders. Your responsibilities also include aiding in scoping prospective engagements, leading teams from kickoff through remediation, and mentoring other staff. A keen understanding of offensive security, threat actors, and general security best practices is essential.

Mandiant, a recognized leader in dynamic cyber defense, threat intelligence, and incident response services, is part of Google Cloud. Mandiant's expertise has earned global trust from security professionals and executives. Our unique blend of frontline experience, nation-state grade threat intelligence, machine intelligence, and top-tier security validation provides unparalleled insight into advanced threats.

Minimum Qualifications

• Bachelor's degree in Computer Science, Information Systems, Cybersecurity, a related technical field, or equivalent practical experience.
• 3 years of experience with penetration testing and red teaming functions, including network, web application, mobile, cloud, social engineering, scripting, or tool development.
• Experience with tools used for wireless, web application, and network security testing.
• Experience with operating system security across Linux or other operating systems.

Preferred Qualifications

• Certifications related to offensive security including OSCE, OSEP, OSEE, OSCP, CCSAS, CCT, INF, or relevant SANS courses.
• Experience working with local sales and management teams in driving consulting business generation, scoping or client management.
• Experience in creating security tools and understanding of underlying programming languages such as Python, C#, C/C++, Rust, Nim or similar.
• Experience working in offensive security consulting.
• Experience working with Outflank security tooling.
• Excellent written and verbal communication skills, with the ability to develop documentation and explain technical details in a concise manner.

Responsibilities

• Perform offensive technical cyber security engagements of a varied nature.
• Interface with clients to address concerns, issues, or escalations; track and drive to closure any issues that impact the engagements and its value to clients.
• Advise clients on security best practices for remediating discovered issues.
• Collaborate with internal teams to expand capabilities to deliver further value to clients.

Key skills/competency

• Red Teaming
• Penetration Testing
• Adversarial Emulation
• Cybersecurity Consulting
• Threat Intelligence
• Security Assessments
• Tool Development
• Incident Response
• Client Management
• Linux Security