Cloud Security Architect, Mandiant, Cloud and Infrastructure

Minimum qualifications:

• Bachelor's degree in Computer Science, Information Systems, Cybersecurity, a related technical field, or equivalent practical experience.
• Certifications related to cloud platforms (e.g., Google Cloud Platform) or industry-standard cloud certifications (e.g., CCSP, CCSK).
  
• Experience assessing and developing cybersecurity solutions and programs across multiple security domains.
  
• Experience implementing industry-leading cybersecurity and cloud security practices for client frameworks, adhering to industry standards including CIS Benchmarks, Cloud Security Alliance, and NIST SP 800-144, 800-145, 800-291, and 800-322.
  
• Ability to travel up to 50% of the time as required.
  

Preferred qualifications:

• Experience in incident response within cloud environments and applications.
  
• Experience with cloud governance, with the ability to convey governance principles to cloud computing in terms of policies.
  
• Knowledge of cloud computing concepts and their associated security controls, encompassing key areas such as architecture, networking, identity and access management, CI/CD pipeline security, secrets and data protection, logging, detection and response, as well as security controls for containers and Kubernetes.
  
• Ability to translate governance principles into effective cloud computing policies.
  

Bachelor's degree in Computer Science, Information Systems, Cybersecurity, a related technical field, or equivalent practical experience.

About the job

As a Security Consultant, you will be responsible for helping clients effectively prepare for, proactively mitigate, and detect and respond to cyber security threats. Security Consultants have an understanding of computer science, operating system functionality and networking, cloud services, corporate network environments and how to apply this knowledge to cyber security threats.

As a Security Consultant, you could work on engagements including assisting clients in navigating technically complex and high-profile incidents, performing forensic analysis, threat hunting, and malware triage. You may also test client networks, applications and devices by emulating the latest techniques to help them defend against threats, and will be the technical advocate for information security requirements and provide an in-depth understanding of the information security domain. You will also articulate and present complex concepts to business stakeholders, executive leadership, and technical contributors and successfully lead complex engagements alongside cross functional teams.

Mandiant Security Transformation Services (STS) helps organizations build an effective security operations program that minimizes organizational risk and reduces the impact of security breaches.

In this role, you will work from initial assessment, on-site workshops to explore clients on-premises and cloud environment, configuration review of security controls, detailed practical technical recommendations to harden the on-premises and cloud environment, enhance visibility and detection, and improve processes to reduce the risk of compromise.

Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. By scaling decades of frontline experience, Mandiant helps organizations to be confident in their readiness to defend against and respond to cyber threats.

Responsibilities

• Analyze and configure security architectures for cloud platforms (e.g., GCP) to ensure their protection.
  
• Conduct technical assessments of cloud-based SaaS platforms (e.g., Google Workspace) and directory services to identify vulnerabilities and ensure compliance.
  
• Collaborate with clients to develop integrated on-premises and cloud solutions that meet enterprise-level security, compliance, and threat response requirements.
  
• Assist in defining and developing robust governance frameworks to support effective cloud strategies and ensure alignment with organizational goals and regulatory requirements.
  
• Design cloud services and implement risk mitigation measures to minimize potential vulnerabilities and threats.