Incident Response Consultant, Public Sector

Minimum qualifications:

• Bachelor's degree in Computer Science, Information Systems, Cybersecurity, related technical field, or equivalent practical experience.
• 2 years of investigative experience with network forensics, cloud forensics, or disk and memory forensics.
  
• 2 years of experience working in incident response investigations, analysis, or containment actions.
• Experience with attacker methodologies used to hunt for adversarial activity (e.g., Pre/Post Ransomware attack, Zero-day Exploitation, Business Email Compromise, Cloud Compromise, etc.).

Preferred qualifications:

• Certifications in cloud platforms.
  
• Experience in security competitions, Capture the Flags (CTFs) or testing platforms such as Hack the Box, TryHackMe, Overthewire, etc.
• Ability to communicate investigative findings and strategies to technical staff, executive leadership, legal counsel, and internal and external clients.
  
• Ability to document and explain technical details in a concise, understandable manner.
  
• Ability to recognize and appropriately manage sensitive data.
• Excellent time and project management skills.
  

As a Google/Mandiant Incident Response Consultant, you will provide industry-leading incident response, assessment, transformation, managed detection and response, and training services with tactical support. You will help organizations effectively detect and respond to threats and reduce the overall impact of business risk before, during, and after an incident. You will be able to resolve security incidents quickly, effectively and at scale with complete incident response including investigation, containment, remediation, and crisis management. In this role, you will work on engagements including assisting clients in navigating technically complex and high-profile incidents, performing forensic analysis, threat hunting, and malware triage.

Google Public Sector brings the magic of Google to the mission of government and education with solutions purpose-built for enterprises. We focus on helping United States public sector institutions accelerate their digital transformations, and we continue to make significant investments and grow our team to meet the complex needs of local, state and federal government and educational institutions.

• Collaborate with internal and customer teams to investigate and contain incidents.
  
• Recognize and codify attacker Tools, Tactics, and Procedures (TTPs) and Indicators of Compromise (IOCs) that can be applied to current and future investigations.
  
• Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations.
  
• Investigate impact to customers to determine if new detection or compromise notifications are necessary.
  
• Correlate data collected during hunt or incident response engagements against Mandiant’s intelligence repository.