Senior Red Team Consultant

About the Senior Red Team Consultant Role at Google Mandiant

As a Senior Red Team Consultant, you will be instrumental in delivering cutting-edge cybersecurity consulting services and support to Google's clients. This involves assessing and advising clients on both technical and process-based controls across various environments. Your primary responsibilities will include performing Red and Purple team assessments, specifically adversarial emulation of cyber attacks against customer organizations. You will also conduct other technical cyber assessments, such as external engagement, web application, mobile, and wireless security testing. A key aspect of this role is expanding the team’s capabilities through tool creation, research into offensive techniques, integrating threat actor intelligence, and contributing to internal presentations and knowledge sharing.

You will be responsible for developing comprehensive and accurate reports and presentations tailored for both technical and executive audiences. Acting as a trusted advisor, you will engage with C-level executives, security leaders, and other customer stakeholders. Your role will also involve assisting with scoping prospective engagements, leading teams through engagements from kickoff to remediation, and mentoring junior staff.

Mandiant, a part of Google Cloud, is a recognized leader in dynamic cyber defense, threat intelligence, and incident response. Mandiant's expertise has earned the trust of security professionals and executives globally, known for its unique combination of frontline experience, nation-state grade threat intelligence, machine intelligence, and industry-leading security validation, providing unparalleled insight into advanced threats.

Minimum Qualifications

• Bachelor's degree in Computer Science, Information Systems, Cybersecurity, a related technical field or equivalent practical experience.
• 5 years of experience assessing and developing cybersecurity solutions across multiple security domains.
• Experience in four or more of the following: network protocols, threat intelligence analysis, system and network administration, project management, developing applications, technical incident response processes, source code review, reverse engineering.
• Experience in offensive security.
• Experience with operating system security across Windows, Linux, or Mac.

Preferred Qualifications

• Certifications related to offensive security including OSCE, OSEP, OSEE, OSCP, CISSP, CISA or relevant SANS courses.
• Experience working with local sales and management teams in driving consulting business generation, scoping or client management.
• Experience in creating security tools and understanding underlying programming languages (such as Python, C#, C/C++, Rust, Nim or similar).
• Ability to communicate technical details through reporting and presentations to both technical and executive audiences.
• Excellent communication, collaboration, and public speaking skills.

Responsibilities

• Perform offensive technical cyber security engagements of a varied nature.
• Interface with clients to address concerns, issues, or escalations, track and guide to closure any issues that impact the engagements and its value to clients.
• Advise clients on security best practices for remediating discovered issues.
• Collaborate with internal teams to expand capabilities to deliver further value to clients.

Key skills/competency

• Red Teaming
• Adversarial Emulation
• Offensive Security
• Cybersecurity Consulting
• Threat Intelligence
• Incident Response
• Web Application Security
• Mobile Security
• Python
• Client Management