Senior Incident Response Strategist, Mandiant, Google Cloud
About The Position
Mandiant Consulting provides global organizations and governments expert support and services to prepare for, respond to, mitigate, and recover from major cyber events. Supporting organizations across all environments and technologies with expertise and support at all levels. Strategic Consulting’s mission is to leverage our unique combination of renowned frontline experience and exceptional threat intelligence to help organizations assess vulnerabilities, manage crises, and establish a proactive security posture that protects their most critical assets. As a Principal Cyber Defense Strategist, you will empower organizations to outmaneuver adversaries by building exceptional defense programs and response capabilities. Rather than leading active investigations, you will serve as a proactive architect developing custom Tactics, Techniques, and Procedures (TTPs), playbooks, and governance frameworks that bridge the gap between technical SecOps and business risk. You will guide Google Security Operations (SecOps) transformations by designing advanced detection logic and Security Orchestration, Automation, and Response (SOAR) automations that modernize the client’s SOC. Your role is to conduct maturity assessments and lead executive tabletop exercises, identifying critical gaps before they are exploited. By leveraging Mandiant’s frontline intelligence, you will transform reactive security teams into proactive, intelligence-led defense organizations, ensuring they are resilient before, during, and after a crisis. Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone.
Requirements
- Bachelor's degree in Computer Science, Information Systems, Cybersecurity, related technical field, or equivalent practical experience.
- 5 years of experience assessing and developing cybersecurity solutions and programs across security domains.
- 5 years of experience in delivering cyber outcomes, identifying mission risks, and devising solutions.
- Ability to travel up to 30% of the time.
Nice To Haves
- Certifications related to specific cloud platforms.
- Experience implementing industry-leading practices around cyber risks and cloud security for clients’ cloud security frameworks using industry standards.
- Experience with cloud governance, with the ability to convey governance principles to cloud computing in terms of policies.
- Excellent time and project management skills.
Responsibilities
- Be experienced with National Institute of Standards and Technology Cybersecurity Framework (NIST CSF), MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT and CK), and Capability Maturity Model Integration (CMMI) to measure and mature security programs.
- Codify Mandiant's frontline intelligence into custom Tactics, Techniques, and Procedures (TTPs) for the client.
- Be experienced in writing YARA-L rules based on known threat actor behaviors before an attack happens.
- Build automated playbooks in Google SecOps to ensure that when an incident does occur, the response is machine-speed.
- Simulate realistic threat scenarios and lead executive teams through "war game" simulations to identify process gaps.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
