Security Consultant, STS, Cyber Defense

Mandiant (part of Google Cloud) is a recognized leader in dynamic cyber defense and threat intelligence. They are the people companies call when they get hacked by nation-states. As a Security Consultant, you will not just be monitoring screens; you will be advising clients on how to run their Cyber Defense Centers (CDC). You will act as a Subject Matter Expert (SME) for Cloud Forensics and Incident Response, helping clients transform their SOC capabilities.

Key Responsibilities

• SOC Transformation: Identify challenges in customer Cyber Defense Centers and formulate strategies for improvement.
• Incident Response: Conduct real-time analysis using SIEM and EDR technologies to identify security events and manage incident response activities.
• Cloud Forensics: Act as an SME for Cloud Forensics, advising clients on how to handle breaches in Google Cloud, AWS, or Azure.
• Google SecOps: Provide consultation and support for the deployment of Google SecOps (formerly Chronicle) in client environments.
• Threat Intelligence: Leverage attacker techniques and intelligence sources to improve detection capabilities.

Requirements

• Dual Experience: The JD asks for a mix: 5 years in Multi-Cloud Security (IaaS/PaaS/SaaS) AND 5 years as a SOC Analyst/Threat Hunter.
• Tech Stack: Deep experience with SIEM, EDR, and Cloud-Native Architectures (Kubernetes, Docker, Serverless).
• Scripting: Knowledge of Python or PowerShell for automation.
• Soft Skills: Ability to engage with client stakeholders (This is a consulting role, communication is key).

Preferred Qualifications

• Certifications: CISSP, GCIH, GCFA, GNFA, OSCP (implied via "GPEN"), or CompTIA Security+.
• OS Knowledge: Understanding of security controls for Linux and network equipment.