Security Consultant, Red Team, Mandiant Consulting, Google Cloud

Minimum qualifications:

• Bachelor's degree in Cybersecurity, with a focus on offensive security, or equivalent practical experience.
  
• Experience in three of the following security areas: network, red team assessments, EDR evasion, cloud, social engineering, scripting, tool development.
  
• Experience in operating system security across Windows, Linux, or Mac.
  

Preferred qualifications:

• Certifications related to offensive security, including OSCE, OSEP, OSEE, OSCP, CCSAS, CCT INF or relevant SANS courses.
  
• Experience in payload development, lateral movement, privilege escalation and EDR evasion.
  
• Experience in four or more of the following: network protocols, threat intelligence analysis, system and network administration, project management, developing applications, technical incident response processes, source code review, reverse engineering.
  
• Experience in creating security tools, with the understanding of underlying programming languages (e.g., Python, C#, C/C++, Rust, Nim or similar).
  

About the job

Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. By scaling decades of frontline experience, Mandiant helps organizations to be confident in their readiness to defend against and respond to cyber threats.

Responsibilities

• Perform Red and Purple Team assessments, including adversarial emulation of cyber attacks against customer organizations, and other technical cyber assessments, including web application, mobile and wireless security testing.
• Expand the team’s capabilities through tool creation, research on offensive techniques, incorporation of threat actor intelligence, internal presentations and knowledge share.
• Develop comprehensive and accurate reports and presentations for both technical and executive audiences, and act as a trusted advisor to c-level, security leaders and other customer stakeholders.
• Assist with scoping prospective engagements, leading teams for engagements from kickoff through remediation phase, as well as mentoring other staff.
• Understand offensive security, threat actors, and security best practices in general.