Senior Strategic Application Security Consultant, Mandiant, Google Cloud

Google•Chicago, IL

About The Position

In this role, you will be a part of the Mandiant Strategic team, working to help clients reduce business risk by strengthening their cybersecurity programs. You will streamline security efforts, prioritize risk mitigation, and drive continuous improvement across the entire security landscape, including application security (AppSec) and secure software development life-cycle (SDLC) practices. You will support clients through incident response recovery, cyber program transformations, and comprehensive security assessments covering infrastructure, applications, and cloud environments. As an Application Security Consultant, you will own a workstream, acting as a trusted advisor and driving client objectives, bringing together cybersecurity expertise, agile principles, and project management to deliver impactful and lasting improvements to our external clients' security posture. Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone.

Requirements

Bachelor's degree in Computer Science, Information Systems, Cybersecurity, related technical field, or equivalent practical experience.
5 years of experience assessing and developing cybersecurity solutions and programs across security domains.
5 years of experience working with application information security, infrastructure, software, or platforms, with cloud services.
Ability to travel up to 30% of the time.

Nice To Haves

Certifications related to specific cloud platforms.
Experience with application development, leading application/software projects and customer relationships while working cross-functionally in organization.
Experience implementing industry-leading practices around cyber risks and cloud security for clients’ cloud security frameworks using industry standards.
Experience with cloud governance, with the ability to convey governance principles to cloud computing in terms of policies.
Excellent time and project management skills.

Responsibilities

Leverage cyber security technical skills (or prior experience as a DevSecOps engineer or Cyber security engineer) to lead engagements as a highly skilled Cyber security Consultant and Delivery Lead.
Drive measurable security risk reduction in application and cloud environments by leading teams and utilizing data and security telemetry for informed decision-making.
Guide clients on risk reduction priorities, cyber security best practices, and technical debt reduction by advocating for automation and secure-by-design principles to reduce remediation lead times.
Conduct secure code reviews, identify common vulnerabilities, and deliver actionable remediation to development teams, applying experience with modern development languages (e.g., Python, Java) and associated security tools, and offering feedback on AppSec/DevSecOps maturity.