Senior Strategic Security Consultant, Mandiant, Google Cloud (English)
About The Position
Mandiant Strategic Services is a team of expert consultants dedicated to helping organizations strengthen their defenses against cyber attacks. Our work goes beyond reacting to incidents. We focus on proactively reducing risk and building resilience. This involves a range of activities, from assessing vulnerabilities and developing response plans to creating tailored security strategies that align with business goals. We are committed to delivering innovative solutions and impactful advice, leveraging cutting-edge technology and threat intelligence. Our mission is to empower organizations to confidently protect their assets and face evolving cyber threats. Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone.
Requirements
- Bachelor's degree in Computer Science, Information Systems, Cybersecurity, a related technical field, or equivalent practical experience.
- 5 years of experience assessing and developing cybersecurity solutions and programs across security domains.
- 5 years of experience in delivering cyber outcomes, identifying mission risks, and devising solutions.
- Ability to travel up to 30%.
- Ability to communicate in English fluently to work with internal partners and customer teams.
Nice To Haves
- Certifications related to specific cloud platforms.
- Experience with cloud governance, with the ability to convey governance principles to cloud computing in terms of policies.
- Experience evaluating and conducting gap analyses on existing SOC/IR playbooks to stress-test them against AI-specific threat scenarios, and the ability to define distinct logging and telemetry detection requirements.
- Proficiency in designing and optimizing AI governance operating models (e.g., centralized vs. federated structures) and developing Acceptable Use Policies (AUPs).
- Ability to assess AI supply chain risks and create secure procurement rules and vendor due diligence requirements.
Responsibilities
- Drive and execute strategic security consulting engagements, delivering prioritized results aligned with client risk profiles and executing threat-led security assessments leveraging standards like NIST AI RMF, ISO 42001, and Google SAIF.
- Pioneer AI landscape discovery, mapping enterprise and "shadow AI" tools, and educating stakeholders on critical real-world AI threats (e.g., prompt injection, agentic threats) using frontline intelligence.
- Define non-negotiable "safe to ship" thresholds and metrics for model bias and explainability, and mandate necessary Test, Evaluation, Verification, and Validation (TEVV) requirements.
- Perform critical gap analyses on existing SOC and Incident Response (IR) playbooks, stress-testing against AI-specific scenarios, and defining requisite logging and telemetry for detection.
- Architect and secure MLOps Pipelines, providing technical blueprints for automated CI/CD security gates and LLM firewalls, while assessing supply chain risks for third-party and open-source AI models.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
