Google Cloud accelerates organizations’ ability to digitally transform their business with the best infrastructure, platform, industry solutions and expertise. We deliver enterprise-grade solutions that leverage Google’s cutting-edge technology – all on the cleanest cloud in the industry. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.
In this role, you will track all impactful adversaries by collecting, modeling, and investigate data originating from thousands of investigations conducted by Mandiant, third-party telemetry, as well as novel sources and methods. Mandiant’s recently released campaigns feature in the Mandiant Advantage SaaS platform provides security professions with a quick way to stay updated on active campaigns affecting their industries and regions.
Analyze technical data to extrapolate adversary methodologies and identifiable characteristics of modeling and highlighting within tracked campaigns.
Provide an understanding of the adversary tactics, techniques and procedures.
Communicate findings through curating and modeling data, provide customer-facing attribution intelligence, and publish tracked campaigns along with key context and analysis.
Track and assess impactful adversaries by using all-source data.
(Australia)At Google, we have a vision of empowerment and equitable opportunity for all Aboriginal and Torres Strait Islander peoples and commit to building reconciliation through Google’s technology, platforms and people and we welcome Indigenous applicants. Please see our Reconciliation Action Plan for more information.
(Singapore) Google will be prioritizing applicants who have a current right to work in Singapore, and do not require Google's sponsorship of a visa.
Note: Google’s hybrid workplace includes remote roles. By applying to this position you will have an opportunity to share your preferred working location from the following:
Remote locations: Singapore; Australia.
4 years of experience in network forensics, threat analysis, or security consulting on Windows, MacOS, Linux Operating System, and memory forensics.
Experience in commercial data source (internet scan data, passive DNS, domain registry, malware repositories).
Experience with Incident Response, Enterprise Security Controls and Intrusion Operations.
Experience working in fast-paced and continuously changing environments coupled with the ability to present written or verbal information to technical and non-technical audiences.
Experience in Windows, MacOS, Linux operating system and memory forensics.
Ability to manage expectations with executive stakeholders and team members.
Strong problem solving, troubleshooting, and analysis skills related to Incident Response, Enterprise security controls and Intrusion Operations.