Google
STS Cyber Defense Security Engineer, Mandiant, Google Cloud
Google, Juneau, Alaska, United States
Overview
The Security Engineer Endpoint Detection and Response (EDR) is responsible for enabling the technology and tools required to accomplish daily tasks within a Cyber Defense Center (CDC). In this role, you will collaborate with cross-functional teams to define requirements and deliver recommendations focused on technologies required to support the client’s CDC. You will maintain the operational readiness of client EDR, create detection content, identify areas for improvement, and configure EDR or related response technologies for a client SOC to maintain effective incident detection and response capabilities. You will work in a highly technical team to administer information security technologies and learn emerging technologies while protecting customer data and corporate assets.
Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services.
The US base salary range for this full-time position is $108,000-$155,000 + bonus + equity + benefits. Salary ranges are determined by role, level, and location. Individual pay is influenced by work location and relevant experience or training. Details may be shared by your recruiter during the hiring process. Compensation figures reflect base salary only and do not include bonus, equity, or benefits.
Please note that Google’s hybrid workplace includes remote roles; you may share your preferred working location from the remote locations listed in the job posting.
Responsibilities
Identify challenges in customer Cyber Defense Centers and formulate strategies for improvement, plan implementation of improvements, and oversee plans to completion.
Create and modify EDR and SIEM use cases and detection logic, leveraging cyber threat intelligence, written in technology-specific query language or Sigma open signature format.
Provide expertise for EDR, SIEM and other SOC technologies that assist in incident response.
Advise on technologies relied upon by the client CDC, CSIRT, and SOC.
Measure and improve alert fidelity through metrics creation, tuning, and incident-specific detection logic.
Engage and collaborate with client stakeholders and other groups within the customer environment to drive resolution for security issues.
Qualifications
Minimum qualifications
Bachelor's degree in Computer Science, Information Systems, Cyber-security, related technical field, or equivalent practical experience.
3 years of experience in a Detection Engineering or related role.
Experience with detection tuning and creation leveraging security tools (e.g., SIEM, EDR, or NDR).
Preferred qualifications
One or more of the following certifications or similar: CompTIA Security+, CompTIA Network+; CISCO (CCNA); ISC2 (CISSP); SANS (GSEC, GCIH, GCED, GCFA, GCIA, GNFA, GPEN).
Experience administering or implementing other security platforms (WAF, MFA, Privilege Access Management, TVM scanner, SIEM).
Knowledge of scripting languages (e.g., PowerShell and Python).
Understanding of cyber defense operations including incident response, containment, remediation, cyber threat intelligence, or security architecture.
Understanding of logging for common platforms and devices, including operating systems, Linux, and network equipment.
Excellent written and verbal communication skills.
EEO and Accommodation
Google is proud to be an equal opportunity workplace and an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also Google's EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know by completing our Accommodations for Applicants form.