At Google, we have a vision of empowerment and equitable opportunity for all Aboriginal and Torres Strait Islander peoples and commit to building reconciliation through Google’s technology, platforms and people and we welcome Indigenous applicants. Please see our for more information.
Note: Google’s hybrid workplace includes remote roles. By applying to this position you will have an opportunity to share your preferred working location from the following:
Remote locations: Australia; New South Wales, AU.
Minimum qualifications:
- 3 years of experience in Incident Response, security operations, or a related field.
- Experience with scripting/tools for investigations.
- Experience in Forensics, Network Security Monitoring, and Malware Analysis.
- Knowledge in Active Directory/Windows Security.
- Ability to produce concise investigative reports, documenting findings and recommendations, and mentor junior staff on processes.
- Excellent communication skills with the ability to translate complex technical findings to technical teams, executives, and legal counsel.
- Eligibility for security clearance and the ability to effectively manage multiple, time-sensitive investigations.
- Proven expertise in cloud Incident Response (Google Cloud, etc.), investigations, threat analysis, cloud logging, and forensics.
In this role, you will manage large, client-facing cyber Incident Response engagements, see the big picture, understand evolving attacker behavior and motivations, participate and manage large client-facing projects, and help to train/mentor other Security Consultants.
Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and Incident Response services. By scaling decades of frontline experience, Mandiant helps organizations to be confident in their readiness to defend against and respond to cyber threats.
Responsibilities
- Conduct host forensics, network forensics, log analysis, and malware triage in support of Incident Response investigations.
- Recognize and codify attacker tools, tactics, and procedures in Indicators of Compromise (IOCs) that can be applied to current and future investigations.
- Utilize Mandiant technology to conduct large-scale investigations and examine endpoint and network-based sources of evidence. Build scripts, tools, or methodologies to enhance Mandiant’s incident investigation processes.
- Develop and present comprehensive and accurate reports, trainings, and presentations for both technical and executive audiences.
- Work with clients security and IT operations teams to implement remediation plans in response to incidents.