Security Engineer, Red Team
Google · Mumbai, Maharashtra, India
- On site
- Full-time
- ₹2,000,000 / year
- Mumbai, Maharashtra, India
Job highlights
- Conduct Red and Purple Team cyber attack simulations.
- Advise clients on security best practices and remediation.
- Develop security tools and research offensive techniques.
- Create reports for technical and executive audiences.
- Collaborate with internal and client teams.
About the role
Red Team Security Engineer at Google
Google is seeking a skilled and experienced Red Team Security Engineer to join their Mandiant team. This role involves providing expert cyber-security consulting services to clients, assessing and advising on technical and process-based controls. You will play a crucial part in expanding the team's capabilities through tool creation, research on offensive techniques, and the integration of threat actor intelligence. The position requires developing comprehensive reports and presentations for both technical and executive audiences, acting as a trusted advisor to C-level executives and security leaders. A strong understanding of offensive security, threat actors, and general security best practices is essential.
About Mandiant at Google Cloud
Mandiant, part of Google Cloud, is a world leader in cyber defense, threat intelligence, and incident response. Our reputation is built on the trust of security professionals and executives globally. We stand out due to our frontline experience with complex breaches, nation-state threat intelligence, machine intelligence, and industry-leading security validation, giving us unparalleled insight into advanced threats.
Responsibilities
- Conduct Red and Purple Team assessments, simulating cyber attacks against client organizations through end-to-end adversarial emulation.
- Perform various technical cyber assessments, including external penetration tests, web application, mobile, and wireless security testing.
- Engage with clients to address concerns, resolve issues, and manage escalations to ensure client satisfaction and project success.
- Advise clients on best practices for remediating identified security vulnerabilities.
- Collaborate with internal teams to enhance service offerings and deliver greater value to clients.
- Execute offensive technical cyber-security engagements across a range of scenarios.
Minimum Qualifications
- Bachelor's degree in Computer Science, Information Systems, Cyber-security, or a related technical field, or equivalent practical experience.
- Offensive security certifications such as OSCE, OSEP, OSEE, OSCP, CCSAS, CCT INF, or relevant SANS courses.
- 3 years of experience in creating security tools.
- Experience in four or more of the following areas: network protocols, threat intelligence analysis, system and network administration, project management, application development, technical incident response processes, source code review, and reverse engineering.
Preferred Qualifications
- Experience working with local sales and management teams to drive consulting business, scope projects, or manage client relationships.
- Proficiency in creating security tools, with a solid understanding of underlying programming languages like Python, C#, etc.
- Excellent communication, collaboration, and public speaking skills.
Working Location Options
Bengaluru, Karnataka, India; Hyderabad, Telangana, India; New Delhi, Delhi, India; Mumbai, Maharashtra, India.
Key skills/competency
- Red Team Assessments
- Adversarial Emulation
- Penetration Testing
- Vulnerability Management
- Threat Intelligence
- Security Tool Development
- Reverse Engineering
- Cyber Security Consulting
- Incident Response
- Client Communication
Skills & topics
- Red Team
- Security Engineer
- Cyber Security
- Penetration Testing
- Adversarial Emulation
- Threat Intelligence
- Offensive Security
- Security Consulting
- Mandiant
How to get hired
- Tailor your resume: Highlight offensive security experience, certifications (OSCE, OSCP, etc.), tool development, and specific technical skills relevant to Red Teaming.
- Showcase your impact: Quantify achievements in past roles, such as the scope of assessments or the impact of tools you developed.
- Prepare for technical interviews: Be ready to discuss network protocols, threat intelligence, system administration, source code review, and reverse engineering concepts.
- Demonstrate client-facing skills: Emphasize your ability to communicate complex technical information clearly to both technical and executive audiences.
- Research Google Mandiant: Understand their role in cyber defense, threat intelligence, and incident response to align your application with their mission.
Technical preparation
Master network protocols and their vulnerabilities.,Practice reverse engineering and source code analysis.,Build and deploy custom security tools.,Simulate advanced persistent threats (APTs).
Behavioral questions
Describe a complex security challenge you solved.,How do you handle client escalations professionally?,Explain a new offensive technique to executives.,How do you stay updated on threat actor TTPs?
Frequently asked questions
- What are the primary responsibilities of a Red Team Security Engineer at Google Mandiant?
- As a Red Team Security Engineer at Google Mandiant, you will conduct adversarial emulation exercises, perform various technical cyber assessments, advise clients on security best practices, develop custom security tools, and present findings to both technical and executive audiences.
- What qualifications are essential for the Red Team Security Engineer role at Google?
- Essential qualifications include a Bachelor's degree in a related technical field or equivalent experience, offensive security certifications (e.g., OSCE, OSCP), 3 years of experience in security tool creation, and proficiency in at least four specified technical areas like network protocols or reverse engineering.
- Does Google Mandiant offer flexibility in working locations for this role?
- Yes, by applying to this position, you will have the opportunity to indicate your preferred working location from a selection of Indian cities: Bengaluru, Hyderabad, New Delhi, or Mumbai.
- What is the significance of Mandiant within Google Cloud?
- Mandiant is a recognized leader in cyber defense, threat intelligence, and incident response services. Within Google Cloud, Mandiant leverages its frontline experience and advanced intelligence to protect clients from sophisticated threats.
- How important are communication skills for this Red Team Security Engineer position?
- Excellent communication, collaboration, and public speaking skills are highly valued, as the role requires advising clients, presenting complex findings to diverse audiences, and acting as a trusted advisor.
- Can experience in client management be beneficial for this Google job?
- Yes, experience working with local sales and management teams in driving consulting business generation, scoping, or client management is listed as a preferred qualification, indicating its value in client-facing aspects of the role.
- What kind of technical assessments will I perform as a Red Team Security Engineer?
- You will perform Red and Purple Team assessments, adversarial emulation, external penetration tests, and security testing for web applications, mobile, and wireless environments.
- What programming languages are relevant for developing security tools in this role?
- While not strictly limited, the preferred qualifications mention an understanding of underlying programming languages such as Python and C# for creating security tools.