Defensive Cyber Operations Consultant, Mandiant, Public Sector

Georgia, USA

Google

Google’s mission is to organize the world's information and make it universally accessible and useful.



Minimum qualifications:

  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, a related technical field, or equivalent practical experience.
  • 3 years of experience with incident response, and networking architectures, conducting cyber security analysis.
  • Certification in IAT Level III for DoD 8570.
  • Active US Government Top Secret/Sensitive Compartmentalized Information (TS/SCI) security clearance with polygraph.

Preferred qualifications:

  • 10 years of experience in engineering and troubleshooting networks.
  • Experience working with commercial data sources (e.g., internet scan data, passive DNS, domain registry, malware repositories).
  • Experience in the consumption, processing, and analysis of Cyber Threat Intelligence (CTI) to help monitor, detect, and identify attack chains.
  • Experience evaluating host and network forensic reports of electronic media, packet capture, log data analysis, malware triage, and network devices in support of intrusion analysis or enterprise level information security operations.
  • Experience with Enterprise security controls and Intrusion Operations.
  • Knowledge of security solutions and technologies including Linux, and network architecture, implementation, and configuration.

About the job

Google Cloud accelerates organizations’ ability to digitally transform their business with the best infrastructure, platform, industry solutions, and expertise. We deliver enterprise-grade solutions that leverage Google’s technology on the cleanest cloud in the industry.

In this role, you will identify trends and anomalous activity, contextualize cyber threats, correlate source data, and provide tactical, operational, and strategic findings to offer actionable assessments. You will provide operational support to hunt, incident response, and fusion teams supporting defensive cyberspace operations. Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services.

This role is 100% onsite with the customer in Augusta, GA. It is not eligible for hybrid work.

Google Public Sector brings the magic of Google to the mission of government and education with solutions purpose-built for enterprises. We focus on helping United States public sector institutions accelerate their digital transformations, and we continue to make significant investments and grow our team to meet the complex needs of local, state and federal government and educational institutions.

The US base salary range for this full-time position is $130,000-$193,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.

Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more about benefits at Google.

Responsibilities

  • Utilize network and end-point tools to identify and analyze potential breaches or threat activity.
  • Assess evolution of the broader threat landscape related to the customer’s act of reconciliation and associated risks.
  • Work with the Incident Response teams and relevant stakeholders to recommend appropriate computer network actions to counter adversary activity.
  • Provide alert-driven threat reports utilizing government intelligence sources and Mandiant’s knowledge of threat actors’ identities, motives, capabilities, and goals.
  • Prepare predictive analysis describing threat groups and the types of data theft or network attacks these groups would execute.

Tags: Clearance Cloud Computer Science Cyber defense DCO DNS DoD DoDD 8570 GCP Incident response Linux Malware Polygraph Security analysis Security Clearance Threat intelligence Top Secret TS/SCI

Perks/benefits: Career development Equity Salary bonus

Region: North America
Country: United States
