Principal Threat Analyst, Synthesis and Advanced Research, Mandiant
Note: Google's hybrid workplace includes remote roles. By applying to this position you will have an opportunity to share your preferred working location from the following:
Remote locations: Virginia, USA; Connecticut, USA; District of Columbia, USA; Delaware, USA; Massachusetts, USA; Maryland, USA; Maine, USA; New Hampshire, USA; New Jersey, USA; New York, USA; Pennsylvania, USA; Rhode Island, USA; Vermont, USA.
Minimum qualifications:
- Bachelor's degree or equivalent practical experience.
- 8 years of experience in a customer-facing analytical role in cyber security (e.g. Network Forensics Analyst, Threat Intelligence Analyst).
- Experience with project management.
- Experience engaging with, and presenting to, technical stakeholders and executive leaders.
Preferred qualifications:
- 10 years of experience evaluating forensic reports of electronic media, packet capture, log data, malware triage, or enterprise-level information security operations.
- Experience with CTI methodologies and application within cyber security organizations.
- Experience in the analysis of CTI, supporting monitoring, detection, and response capabilities.
- Experience in deploying and analyzing data from technical security controls (e.g. web proxy, firewalls, IPS, IDS, enterprise antivirus solutions, network analyzers).
- Experience with standard network logging formats, network management systems and network security monitoring systems, and security information and event management.
About the job
The Synthesis and Advanced Research (SAR) team provides expert-level support to AIA Integrators and clients through customized products, research, and knowledge transfer. SAR produces and assists with tailored briefings and products, conducts forward-looking research, and provides training on tools and methodologies to ensure customer satisfaction. Our priorities are multifaceted, designed to ensure operational excellence and client success.
Responsibilities
- Evaluate tools and best practices for tracking advanced threats, tools, techniques, and procedures (TTPs) of attackers' motivations, and industry and attacker trends.
- Perform strategic, tactical, and operational research and analysis of adversarial cyber threats.
- Correlate intelligence to develop understandings of tracked threat activity.
- Present tactical and strategic intelligence about threat groups, the methodologies they use, and the motivations behind their activity and convey the importance of findings to a variety of audiences.
- Work with customers to determine their intelligence needs and requirements, and prepare and deliver briefings and reports to the customers' executives, security team, and fellow analysts.