About the job

Mandiant Consulting provides global organizations and governments expert support and services to prepare for, respond to, mitigate, and recover from major cyber events. Supporting organizations across all environments and technologies with expertise and support at all levels.

Strategic Consulting’s mission is to leverage our unique combination of renowned frontline experience and exceptional threat intelligence to help organizations assess vulnerabilities, manage crises, and establish a proactive security posture that protects their most critical assets.

As a Principal Cyber Defense Strategist, you will empower organizations to outmaneuver adversaries by building exceptional defense programs and response capabilities. Rather than leading active investigations, you will serve as a proactive architect developing custom Tactics, Techniques, and Procedures (TTPs), playbooks, and governance frameworks that bridge the gap between technical Sec Ops and business risk. You will guide Google Security Operations (Sec Ops) transformations by designing advanced detection logic and Security Orchestration, Automation, and Response (SOAR) automations that modernize the client’s SOC. Your role is to conduct maturity assessments and lead executive tabletop exercises, identifying critical gaps before they are exploited. By leveraging Mandiant’s frontline intelligence, you will transform reactive security teams into proactive, intelligence-led defense organizations, ensuring they are resilient before, during, and after a crisis.
Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone.

The US base salary range for this full-time position is $138,000-$200,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.

Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more about benefits at Google.

Responsibilities

• Be experienced with National Institute of Standards and Technology Cybersecurity Framework (NIST CSF), MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT and CK), and Capability Maturity Model Integration (CMMI) to measure and mature security programs.

• Codify Mandiant's frontline intelligence into custom Tactics, Techniques, and Procedures (TTPs) for the client.

• Be experienced in writing YARA-L rules based on known threat actor behaviors before an attack happens.

• Build automated playbooks in Google Sec Ops to ensure that when an incident does occur, the response is machine-speed.

• Simulate realistic threat scenarios and lead executive teams through "war game" simulations to identify process gaps.

Minimum qualifications

• Bachelor's degree in Computer Science, Information Systems, Cybersecurity, related technical field, or equivalent practical experience.

• 5 years of experience assessing and developing cybersecurity solutions and programs across security domains.

• 5 years of experience in delivering cyber outcomes, identifying mission risks, and devising solutions.

• Ability to travel up to 30% of the time.

Preferred qualifications

• Certifications related to specific cloud platforms.

• Experience implementing industry-leading practices around cyber risks and cloud security for clients’ cloud security frameworks using industry standards.

• Experience with cloud governance, with the ability to convey governance principles to cloud computing in terms of policies.

• Excellent time and project management skills.