Incident Response Security Consultant, Mandiant

  • Experienced
  • London

Google

Incident Response Security Consultant, Mandiant Overview

Company Name Google
Job Role Incident Response Security Consultant, Mandiant
Qualifications Bachelor’s
Category General Jobs
Job Type Full Time
Location London

This role sits within Mandiant, part of Google Cloud, and focuses on helping organizations respond to security incidents with speed, depth, and practical expertise. The position is centered on incident response work that spans assessment, transformation, managed detection and response, and training. The consultant is expected to provide hands-on tactical support that helps clients detect threats, respond effectively, and reduce business risk before, during, and after an incident. The work involves resolving security incidents at scale through the full response lifecycle, including investigation, containment, remediation, and crisis management.

The role also requires a strong understanding of current and emerging threat actors, along with the ability to track how attacker behavior, motivations, tools, tactics, and procedures evolve over time. This is a client-facing position that involves participation in substantial engagements and close collaboration with both internal teams and customer stakeholders.

What you will do

  • Partner with internal teams and customer contacts to investigate security incidents and support containment efforts.
  • Identify attacker techniques, tactics, and procedures, then document them in a way that can be reused in later investigations.
  • Capture and analyze indicators of compromise so they can inform current and future response work.
  • Carry out host forensics, network forensics, log analysis, and malware triage to support incident investigations.
  • Lead incident response engagements with clients and review evidence from cloud, endpoint, and network environments.
  • Prepare and present detailed, accurate reports, training content, and presentations for both technical audiences and executive stakeholders.

Experience and qualifications

  • A bachelor’s degree in computer science, information systems, cybersecurity, or another related technical field, or equivalent practical experience.
  • At least 3 years of experience delivering cyber outcomes, identifying mission risk, and creating solutions for public sector-focused threats.
  • At least 3 years of experience working through incident response investigations from start to finish, including analysis and containment.
  • Experience applying leading cyber risk and cloud security practices to client cloud security frameworks using recognized industry standards.
  • Ability to travel up to 30% of the time as needed.
  • Helpful technical knowledge in areas such as penetration testing, security event analysis, incident response, digital forensics, network architecture, endpoint architecture, or related security operations disciplines.
  • Familiarity with security frameworks and standards such as ISO 27001, NIST 800-53, HIPAA/HITECH, or PCI DSS is preferred.
  • Ability to work effectively with clients and manage expectations in a professional, customer-facing environment.
  • Mid-level experience is expected, with the ability to drive work forward, solve problems, and support or mentor less experienced team members.

Team and role context

Mandiant is presented as a trusted name in dynamic cyber defense, threat intelligence, and incident response. The organization combines frontline breach response experience, threat intelligence, machine intelligence, and security validation capabilities to help customers understand and defend against advanced threats. This role contributes directly to that mission by supporting complex investigations and helping clients improve their response readiness and resilience.

Working arrangement

The position is based in London, UK, with remote work available anywhere in the United Kingdom. Google states that its workplace model is hybrid, meaning the role may involve both remote and in-office work. Applicants are given the opportunity to indicate their preferred working location, with London listed as the in-office option and the United Kingdom listed as the remote location.

Additional information

Google states that English proficiency is required for all roles unless the posting says otherwise. The company also notes that it does not accept agency resumes and will not be responsible for fees related to unsolicited resumes. Applicants who need an accommodation during the hiring process can use Google’s accommodations form. Google also includes its equal opportunity and affirmative action statement, emphasizing its commitment to a representative workforce and an inclusive workplace.

The posting also explains that information collected through a Google Careers profile and any submitted applications is handled under Google’s Applicant and Candidate Privacy Policy. Equity-related grants, if offered, are discretionary and governed by Alphabet’s stock plan and grant agreement terms.


Degree Requirement: Bachelor’s

Visa Sponsorship May be

To apply for this job please visit www.google.com.

admin
the authoradmin