Incident Response Security Consultant, Mandiant Overview
| Company Name | |
| Job Role | Incident Response Security Consultant, Mandiant |
| Qualifications | Bachelor’s |
| Category | General Jobs |
| Job Type | Full Time |
| Location | London |
This position sits within Mandiant, part of Google Cloud, and focuses on helping organizations respond to serious security incidents with speed, precision, and depth. The work combines hands-on incident response with tactical support, client engagement, and broader cyber defense services. In this role, you would help customers detect threats, limit damage, recover from attacks, and strengthen their security posture before, during, and after an incident.
The role is based in London, UK, with remote work available anywhere in the United Kingdom. Google notes that its workplace model is hybrid, meaning some roles are remote while others are in-office, and applicants for this position can indicate a preferred working location during the application process.
What you would do
- Partner with internal specialists and customer teams to investigate incidents and support containment efforts.
- Lead client-facing incident response work, including reviewing evidence from cloud, endpoint, and network sources.
- Carry out host forensics, network forensics, log analysis, and malware triage to support investigations.
- Identify attacker techniques, tactics, and procedures, then turn those findings into indicators and intelligence that can be reused in future cases.
- Produce detailed reports, training content, and presentations that are useful for both technical audiences and executive stakeholders.
- Support a range of services including incident response, security assessments, transformation work, managed detection and response, and training.
- Help organizations reduce business risk by improving their ability to detect, respond to, and recover from cyber threats.
- Work on resolving incidents end to end, including investigation, containment, remediation, and crisis management.
- Stay current on threat actors, their motivations, and the changing tools, techniques, and procedures used in attacks.
- Contribute to larger client projects and broader defensive security efforts across Mandiant and Google Cloud.
What the role requires
- A bachelor’s degree in computer science, information systems, cybersecurity, another relevant technical field, or equivalent practical experience.
- At least three years of experience delivering cyber outcomes, identifying mission risk, and building solutions for public sector-focused threats.
- At least three years of experience handling incident response investigations, analysis, or containment from start to finish.
- Experience applying industry-standard cyber risk and cloud security practices to client cloud security frameworks.
- Willingness and ability to travel up to 30% of the time when needed.
- Practical knowledge of tools and methods used in penetration testing, security event analysis, incident response, computer forensics, network and endpoint architecture, or related security operations work.
- Understanding of security frameworks and standards such as ISO 27001, NIST 800-53, HIPAA/HITECH, or PCI DSS.
- Ability to work well with clients and manage expectations effectively.
- Strong English proficiency, which Google says is required for all roles unless the posting says otherwise.
- The position is described as mid-level, meaning it is intended for someone with solid experience who can drive progress, solve problems, and mentor more junior colleagues.
Additional context
Mandiant is presented as a recognized leader in dynamic cyber defense, threat intelligence, and incident response. Google says the team combines frontline breach response experience, advanced threat intelligence, machine intelligence, and security validation capabilities to understand modern threats in depth.
Google also states that it is an equal opportunity and affirmative action employer and that it provides workplace accommodations for applicants who need them. The company notes that it does not accept agency resumes and asks recruitment agencies not to send unsolicited applications.
Equity may be granted at Alphabet’s discretion under the relevant stock plan and grant agreement, subject to approval and the terms of the award. Google also says that such grants are discretionary and do not create any guaranteed entitlement.
How to apply
Applicants can apply through Google Careers. During the application process, candidates are able to share their preferred working location from the available options in-office in London or remote within the United Kingdom.
Degree Requirement: Bachelor’s
Visa Sponsorship May be
To apply for this job please visit www.google.com.