Incident Response Consultant - Mandiant, Google Cloud

Job closed


Riyadh, Saudi Arabia

{{ flashMessage.message }}


Employment: Full Time

The Google Cloud Platform team helps customers transform and build what's next for their business - all with technology built in the cloud. Our products are engineered for security, reliability and scalability, running the full stack from infrastructure to applications to devices and hardware. Our teams are dedicated to helping our customers - developers, small and large businesses, educational institutions and government agencies - see the benefits of our technology come to life. As part of an entrepreneurial team in this rapidly growing business, you will play a key role in understanding the needs of our customers and help shape the future of businesses of all sizes use technology to connect with customers, employees and partners.

Mandiant Services provides incident response, assessment, transformation, managed detection and response, and training services with direct tactical support. Our Senior Incident Response Consultants resolve security incidents quickly, effectively, and at scale with complete incident response including investigation, containment, remediation, and crisis management.

Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. By scaling decades of frontline experience, Mandiant helps organizations to be confident in their readiness to defend against and respond to cyber threats.


- Collaborate with internal and customer teams to investigate and contain incidents. Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations.

- Recognize and codify attacker Tools, Tactics, and Procedures (TTPs) and Indicators of Compromise (IOCs). Build scripts, tools, or methodologies to enhance Mandiant's incident investigation processes that can be applied to current and future investigations.

- Develop and present comprehensive and accurate reports, trainings, and presentations for technical and executive audiences.

- Utilize Mandiant technology to conduct large-scale investigations and examine endpoint and network-based sources of evidence.


Minimum qualifications:

- 5 years of experience leading Incident Response investigations, analysis, or containment actions.

- Experience with network and log forensic analysis, malware triage analysis, and disk and memory forensics.

- Experience with enterprise security architecture and security controls.

Preferred qualifications:

- Bachelor's degree in Computer Science, a related technical field, or equivalent practical experience.

- 3 years of experience investigating with network forensics and log analysis, malware triage analysis, disk and memory forensics in one or more of the following: Windows, macOS, Linux, or Unix.

- Ability to communicate investigative findings and strategies to technical staff, executive leadership, legal counsel, and internal and external clients.

- Excellent written/verbal communication skills, with the ability to develop documentation and explain technical details in a concise manner.


Since our founding in 1998, Google has grown by leaps and bounds. Starting from two computer science students in a university dorm room, we now have thousands of employees and offices around the world. These Googlers build products that help create opportunities for everyone, whether down the street or across the globe.

It starts with how we work together. We’re building a company where people of different views, backgrounds and experiences can do their best work and show up for one another. A place where every Googler feels like they belong.

So whether you develop new technology or creative campaigns, craft beautiful products or breakthrough partnerships, your work here is a chance to accomplish things that matter. Bring your insight, imagination, and healthy disregard for the impossible. Bring everything that makes you unique. Together, we can build for everyone.

Advertise Here