Incident Response Consultant, Public Sector, Mandiant Consulting
- linkCopy link
- emailEmail a friend
Remote location: Australia.
Minimum qualifications:
- Bachelor's degree in Computer Science, Information Systems, Cybersecurity, related technical field, or equivalent practical experience.
- 3 years of experience working end-to-end incident response investigations, analysis, or containment actions.
- 3 years of investigative experience with network forensics, malware triage analysis, cloud forensics, or disk and memory forensics.
- Experience with enterprise security architecture and security controls.
- Successful candidates will be required to obtain NV1 clearance under the Australian Government Protective Security Policy Framework (PSPF).
Preferred qualifications:
- Experience in cloud incident response or cloud forensics.
- Experience in security competitions, Capture the Flags (CTFs) or testing platforms such as Hack the Box, TryHackMe, Overthewire, etc.
- Experience with at least 3 of the following, network or log forensic analysis, malware triage analysis, disk or memory forensics.
- Ability to communicate investigative findings and strategies to technical staff, executive leadership, legal counsel, and internal and external clients.
About the job
As an Incident Response Consultant, you will provide industry-leading incident response, assessment, transformation, managed detection and response, and training services with in-depth tactical support. You will help organizations effectively detect and respond to threats and reduce the overall impact of business risk before, during, and after an incident. You will be able to resolve security incidents quickly, effectively and at scale with complete incident response including investigation, containment, remediation, and crisis management.Responsibilities
- Collaborate with internal and customer teams to investigate and contain incidents.
- Support specific workstreams for a variety of client-facing investigations including the examination of cloud, end-point, and network-based sources of evidence.
- Recognize and codify attacker Tools, Tactics, and Procedures (TTPs) and Indicators of Compromise (IOCs) that can be applied to current and future investigations.
- Develop comprehensive and accurate reports and presentations for technical and non-technical audiences.
Information collected and processed as part of your Google Careers profile, and any job applications you choose to submit is subject to Google's Applicant and Candidate Privacy Policy.
Google is proud to be an equal opportunity and affirmative action employer. We are committed to building a workforce that is representative of the users we serve, creating a culture of belonging, and providing an equal employment opportunity regardless of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), expecting or parents-to-be, criminal histories consistent with legal requirements, or any other basis protected by law. See also Google's EEO Policy, Know your rights: workplace discrimination is illegal, Belonging at Google, and How we hire.
If you have a need that requires accommodation, please let us know by completing our Accommodations for Applicants form.
Google is a global company and, in order to facilitate efficient collaboration and communication globally, English proficiency is a requirement for all roles unless stated otherwise in the job posting.
To all recruitment agencies: Google does not accept agency resumes. Please do not forward resumes to our jobs alias, Google employees, or any other organization location. Google is not responsible for any fees related to unsolicited resumes.