Senior Cyber Security Consultant, Public Sector

Minimum qualifications:

• Bachelor's degree in Computer Science, Cybersecurity, related technical field, or equivalent practical experience.
• 6 years of experience performing cyber security assessments, security engineering, or security architecture reviews.
• Experience Red Teaming/Offensive Security, Zero Trust Assessments, Incident Response, or Cyber Threat Hunting/Threat Intelligence.
  
• Active US Government Top Secret clearance and eligibility for SCI.
  

Preferred qualifications:

• Certifications in Global Information Assurance Certification (GIAC), GIAC Security Essentials (GSEC), GIAC Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT), Offensive Security Experienced Penetration Tester (OSEP), Offensive Security Certified Professional (OSCP), and CompTIA Advanced Security Practitioner (CASP)
• Experience with Security Operations Center Tooling and Platform (i.e., SIEM, IDS, IPS, SOAR, and EDR).
• Experience using Mandiant Security Validation

Experience with coding and scripting.

Excellent communication, and presentation skills.

About the job

As a Google Public Sector/Mandiant Senior Security Consultant, you will engage with customers across the Department of Defense, and related Agencies, and provide expert-level cybersecurity services. Using various tools, such as Mandiant Security Validation, you will be responsible for helping clients effectively identify and mitigate cyber security threats. Specifically, you will assess a customer's security environment and provide recommendations on how to enhance their security posture in support of short- and long-term projects.

As a Senior Security Consultant, you will lead customer engagements and assist clients in navigating technically complex and high-profile security concerns. You will test and assess the security posture of a customer's network, their applications, and devices by emulating offensive techniques that help them defend against threats. As an engagement lead you will be the technical advocate for information security requirements and possess an in-depth understanding of the information security domain. You will also articulate and present complex security concepts to business stakeholders and executives and provide recommendations on how best to improve the customer's security environment.

Google Public Sector brings the magic of Google to the mission of government and education with solutions purpose-built for enterprises. We focus on helping United States public sector institutions accelerate their digital transformations, and we continue to make significant investments and grow our team to meet the complex needs of local, state and federal government and educational institutions.

The US base salary range for this full-time position is $130,000-$193,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.

Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more about benefits at Google .

Responsibilities

• Conduct technical security assessments, evaluate a customer's network architecture and security controls, and provide recommended improvement areas, new tooling and technologies.
  
• Draft professional reports summarizing findings and incorporating recommendations that enhance a customer's security posture.
  
• Evaluate and assess security stack appliances and configurations, includingSecurity information and event management(SIEM) or Security Operations Center(SOC) processes, and advise clients on how best to remediate security vulnerabilities.
  
• Analyze security documentation and configure playbooks, including security tool rulesets, alert thresholds, network telemetry, and other necessary references.