Incident Response Security Consultant, Mandiant

  • Experienced
  • London

Google

Incident Response Security Consultant, Mandiant Overview

Company Name Google
Job Role Incident Response Security Consultant, Mandiant
Qualifications Bachelor’s
Category General Jobs
Job Type Full Time
Location London

As an Incident Response Security Consultant within Mandiant at Google Cloud, you would help organizations respond to cyber incidents and strengthen their ability to detect, contain, and recover from threats. The role centers on hands-on incident response work, tactical security support, and client-facing delivery. You would contribute across the full incident lifecycle, from investigation and containment through remediation and crisis management, while also supporting assessment, transformation, managed detection and response, and training services.

The team works with organizations facing fast-changing threats, including public sector-focused risks and advanced attacker behavior. In this position, you would help customers understand current and emerging threat actors, track how attackers change their tools and methods, and apply that knowledge to active investigations and future defensive improvements. The work is part of Google Cloud’s Mandiant organization, which is described as a leading provider of cyber defense, threat intelligence, and incident response expertise.

What you would do

  • Partner with internal teams and customer stakeholders to investigate security incidents and help contain them effectively.
  • Identify attacker tools, tactics, procedures, and indicators of compromise, then turn that knowledge into reusable insight for later investigations and response efforts.
  • Carry out host forensics, network forensics, log analysis, and malware triage to support incident response cases.
  • Lead incident response engagements with clients and review evidence from cloud environments, endpoints, and network sources.
  • Produce and present detailed, accurate reports, training content, and presentations tailored to both technical audiences and executive decision-makers.
  • Help organizations reduce business risk before, during, and after incidents by contributing to detection, response, remediation, and crisis management activities.
  • Participate in larger client-facing projects and apply knowledge of attacker behavior, motivations, and evolving tradecraft to real-world security events.

What the role requires

  • A bachelor’s degree in computer science, information systems, cybersecurity, another related technical field, or equivalent practical experience.
  • At least three years of experience delivering cyber outcomes, identifying mission risk, and designing solutions for public sector-oriented threats.
  • At least three years of end-to-end incident response experience, including investigation, analysis, or containment work.
  • Experience applying strong cyber risk and cloud security practices to client cloud security frameworks using recognized industry standards.
  • Ability to travel up to 30% of the time when needed.
  • Practical familiarity with tools and techniques used in penetration testing, security event analysis, incident response, computer forensics, network and endpoint architecture, or related security operations work.
  • Knowledge of security frameworks and standards such as ISO 27001, NIST 800-53, HIPAA/HITECH, or PCI DSS.
  • Ability to work well with clients and manage expectations effectively.
  • Mid-level professional experience, with the capability to make progress, solve problems, and guide more junior colleagues.
  • Strong English proficiency, which Google says is required for all roles unless the posting explicitly states otherwise.

Work location and pattern

The position is based in London, United Kingdom, and is also open to remote work within the United Kingdom. Google says its workplace model is hybrid, meaning roles may be either remote or in-office. For this opening, the posting indicates an in-office location in London and remote location(s) in the UK, and applicants are able to indicate their preferred working location during the application process.

Additional information

The posting describes Google as an equal opportunity and affirmative action employer and says the company is committed to building a workforce that reflects the people it serves. It also states that applicants who need an accommodation can use Google’s applicant accommodations form. Google further notes that it does not accept agency resumes and will not pay fees for unsolicited resumes. The posting includes standard information about privacy, terms, and equity grants through Alphabet Inc., including that equity awards are discretionary and subject to approval and the terms of the relevant stock plan and grant agreement.

The page also states that information collected through a Google Careers profile and any submitted application is subject to Google’s Applicant and Candidate Privacy Policy.


Degree Requirement: Bachelor’s

Visa Sponsorship May be

To apply for this job please visit www.google.com.

admin
the authoradmin