Senior Incident Response Strategist, Mandiant, Google Cloud
Company: Google
Location: Chicago
Posted on: April 1, 2026
Job Description:

Note: By applying to this position you will have an opportunity to share your preferred working location from the following: Chicago, IL, USA; Addison, TX, USA.

Minimum qualifications:
Bachelor's degree in Computer Science, Information Systems, Cybersecurity, related technical field, or equivalent practical experience.
5 years of experience assessing and developing cybersecurity solutions and programs across security domains.
5 years of experience in delivering cyber outcomes, identifying mission risks, and devising solutions.
Ability to travel up to 30% of the time.

Preferred qualifications:
Certifications related to specific cloud platforms.
Experience implementing industry-leading practices around cyber risks and cloud security for clients’ cloud security frameworks using industry standards.
Experience with cloud governance, with the ability to convey governance principles to cloud computing in terms of policies.
Excellent time and project management skills.

About the job

Mandiant Consulting provides global organizations and governments expert support and services to prepare for, respond to, mitigate, and recover from major cyber events. Supporting organizations across all environments and technologies with expertise and support at all levels. Strategic Consulting’s mission is to leverage our unique combination of renowned frontline experience and exceptional threat intelligence to help organizations assess vulnerabilities, manage crises, and establish a proactive security posture that protects their most critical assets.

As a Principal Cyber Defense Strategist, you will empower organizations to outmaneuver adversaries by building exceptional defense programs and response capabilities. Rather than leading active investigations, you will serve as a proactive architect developing custom Tactics, Techniques, and Procedures (TTPs), playbooks, and governance frameworks that bridge the gap between technical SecOps and business risk. You will guide Google Security Operations (SecOps) transformations by designing advanced detection logic and Security Orchestration, Automation, and Response (SOAR) automations that modernize the client’s SOC. Your role is to conduct maturity assessments and lead executive tabletop exercises, identifying critical gaps before they are exploited. By leveraging Mandiant’s frontline intelligence, you will transform reactive security teams into proactive, intelligence-led defense organizations, ensuring they are resilient before, during, and after a crisis.

Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone.

The US base salary range for this full-time position is $138,000-$200,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.

Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more about benefits at Google.

Responsibilities

Be experienced with National Institute of Standards and Technology Cybersecurity Framework (NIST CSF), MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK), and Capability Maturity Model Integration (CMMI) to measure and mature security programs.
Codify Mandiant's frontline intelligence into custom Tactics, Techniques, and Procedures (TTPs) for the client.
Be experienced in writing YARA-L rules based on known threat actor behaviors before an attack happens.
Build automated playbooks in Google SecOps to ensure that when an incident does occur, the response is machine-speed.
Simulate realistic threat scenarios and lead executive teams through "war game" simulations to identify process gaps.