Product area
Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone.
Qualifications
Job responsibilities
- Identify systemic failures in Cyber Defense Centers (CDCs) and formulate improvement strategies.
- Guide customers on building semi-autonomous to agentic-autonomous Security Operation Centers for incident management.
- Lead Incident Response (IR) and Table Top Exercise (TTX) to advise on, and improve client Computer Security Incident Response Team (CSIRT) and SOC Management activities.
- Integrate Mandiant's nation-state grade threat intelligence with containment and remediation processes to elevate customer's security posture.
- Advocate for cyber defense, articulate technical concepts to executive leadership and business stakeholders.
Minimum qualifications
- Bachelor's degree in Computer Science, Information Systems, Cybersecurity, a related technical field, or equivalent practical experience.
- 5 years of experience with SoC analysis, detection engineering, threat management, or a related role, and working with Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR) or Endpoint Detection and Response (EDR) technologies.
- Experience in leading incident response and Table Top Exercise (TTX) activities.
Preferred qualifications
- Certification in one or more of the following: CompTIA (e.g., Security+, CySA+) ISC2 (e.g., CSSP, CISSP) SANS-GIAC certification (e.g., GSEC, GMON, GSOC, GCIA, GCTI, GCIH, GCED, GCDA) CISCO (e.g., CCNA) EC-Council (e.g., CEH, CSA, CTIA).
- Experience with SIEM or SOAR technologies like Google SecOps, Splunk, QRadar, XSOAR, Phantom, etc.
- Knowledge of security controls for common platforms and devices, including Linux and network equipment.
- Ability to collaborate with client stakeholders and other groups within the customer environment to drive resolution for security issues.
- Excellent communication skills.
- Experience in SOC Architecture, SOC Maturity Assessment, SOC Transformations.
