Principal Consultant, Incident Response, Google Public Sector
Boulder, CO, USA; Arizona, USA
Minimum qualifications:
- 6 years of experience in investigative roles, including network forensics, malware triage analysis, cloud forensics, and disk and memory forensics.
- Experience with network forensics, malware triage analysis, and disk and memory forensics in Windows, macOS, or Linux.
- Experience with enterprise security architecture, and implementing practical control and methodology within investigation processes.
- Experience with public speaking and leading client communication.
Preferred qualifications:
- Experience in a scripting or development language (e.g. Python).
- Strong understanding of attacker methodology and methodologies used to hunt for adversarial activity.
- Strong understanding of communication protocols (e.g., HTTP, DNS, TCP/UDP) as well as the various techniques utilized by malware within an operating system for persistence and data collection.
- Ability to deliver technical training, advisory, and mentorship on complex topics in a classroom or operational environment.
- Ability to communicate investigative findings and strategies to technical staff, executive leadership, legal counsel, and internal and external clients.
About the job
The Google Public Sector Incident Response team seeks to provide the highest level of service in terms of incident investigation and remediation. We handle challenging and dynamic compromises, leveraging incident response consultants with a deep understanding of the threat landscape and attacker methodologies. Our team is on the forefront of the newest attacker TTPs, and brings to bear the full weight of Mandiant's intelligence holdings in order to provide a high quality service delivery to our clients.
Google Public Sector brings the magic of Google to the mission of government and education with solutions purpose-built for enterprises. We focus on helping United States public sector institutions accelerate their digital transformations, and we continue to make significant investments and grow our team to meet the complex needs of local, state and federal government and educational institutions.
The US base salary range for this full-time position is $145,000-$218,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.
Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more about benefits at Google.
The Google Public Sector Incident Response team seeks to provide the highest level of service in terms of incident investigation and remediation. We handle challenging and dynamic compromises, leveraging incident response consultants with a deep understanding of the threat landscape and attacker methodologies. Our team is on the forefront of the newest attacker TTPs, and brings to bear the full weight of Mandiant's intelligence holdings in order to provide a high quality service delivery to our clients.
Responsibilities
- Automate tracking and discovery of threats, leveraging internal and external data sources.
- Conduct host and network forensics, log analysis, and malware triage in support of network hunt or incident response investigations.
- Investigate impact to customers to determine if new detection or compromise notifications are necessary.
- Correlate data collected during hunt or incident response engagements against Mandiant’s intelligence repository.
- Correlate collected intelligence with malware research to build upon a larger knowledge base of tracked threat activity.
Tags: Cloud DNS Forensics Incident response Linux Log analysis MacOS Malware Python Scripting TTPs Windows
Perks/benefits: Equity Salary bonus
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Cybersecurity Analyst jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open Security assessment-related jobs
- Open APIs-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs