Subscribe to the latest remote jobs:

Principal Incident Response Security Consultant, Mandiant, Google Cloud

🌏 Worldwide

Consulting

Management

GCP

Legal

Cybersecurity

$168000 - $244000

Principal Incident Response Security Consultant, Mandiant, Google Cloud

from 🌏 Worldwide

$168000 - $244000

info_outline
XThe application window will be open until at least June 30, 2026. This opportunity will remain online based on business needs which may be before or after the specified date.

In accordance with Washington state law, we are highlighting our comprehensive benefits package, which is available to all eligible US based employees. Benefits for this role include:
  • Health, dental, vision, life, disability insurance
  • Retirement Benefits: 401(k) with company match
  • Paid Time Off: 20 days of vacation per year, accruing at a rate of 6.15 hours per pay period for the first five years of employment
  • Sick Time: 40 hours/year (increased to 69 hours/year for Seattle) including 5 discretionary sick days per instance
  • Maternity Leave (Short-Term Disability + Baby Bonding): 28-30 weeks
  • Baby Bonding Leave: 18 weeks
  • Holidays: 13 paid days per year
Note: Google's hybrid workplace includes remote and in-office roles. By applying to this position you will have an opportunity to share your preferred working location from the following:

In-office locations: Cambridge, MA, USA; Boulder, CO, USA; Reston, VA, USA; Seattle, WA, USA; Sunnyvale, CA, USA.
Remote location(s): United States.

Minimum qualifications:

  • Bachelor's degree in Computer Science, Information Systems, Cybersecurity, related technical field, or equivalent practical experience.
  • 8 years of experience working end to end incident response investigations, analysis, or containment actions.
  • 8 years of investigative experience with network forensics, malware triage analysis, cloud forensics, or disk and memory forensics.
  • Ability to travel up to 30%.

Preferred qualifications:

  • Experience managing enterprise systems or networks.
  • Experience conducting threat hunting in various environments.
  • Ability to communicate investigative findings and strategies to technical staff, executive leadership, legal counsel, and internal and external clients.
  • Ability to quickly learn and use a new technology stack or platform.
  • Proficient with commercial and open source forensics suites such as XWays and TSK.

About the job

As an Incident Response Consultant, you will provide industry-leading incident response, assessment, transformation, managed detection and response, and training services with in-depth tactical support. You will help organizations effectively detect and respond to threats and reduce the overall impact of business risk before, during, and after an incident. You will be able to resolve security incidents quickly, effectively and at scale with complete incident response including investigation, containment, remediation, and crisis management. In this role, you will work on engagements including assisting clients in navigating technically complex and high-profile incidents, performing forensic analysis, threat hunting, and malware triage.

Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone.
Individual pay is determined by factors including job-related skills, experience, and relevant education or training.

US: $168000 - $244000 (USD) + 20% bonus target + equity + benefits

Learn more aboutbenefits at Google.

Responsibilities

  • Manage incident response engagements, compromise assessments, and threat-hunting operations with minimal guidance.
  • Execute digital forensics, host-based live response, network traffic analysis, and static/dynamic malware analysis across cloud (GCP) and on-premise environments.
  • Automate forensic tasks and build team utility tools using programming languages.
  • Oversee the project lifecycle for multiple consulting engagements, including planning, budgeting, and quality control.
  • Draft investigation reports and present technical findings clearly to client stakeholders, leadership, and external legal counsel.
by @maxrusakovic