Technical Intelligence Analyst, Mandiant
Note: Google’s hybrid workplace includes remote roles.
Remote location: United States.
- 5 years of experience leading investigations into and generating novel leads on espionage activity.
- Experience tracking and attributing adversaries via infrastructure, artifacts, and reverse engineering and malware analysis.
- Experience with writing and presenting on various topics and assessments for an audience with mixed backgrounds.
- Experience with technical analysis.
- Experience with dynamic and static analysis of multiple operating system, architecture, and file formats.
- Experience identifying and prioritizing cyber threats for investigation.
- Experience developing automated techniques for hunting, analyzing, and attributing espionage activity such as decoders/decryptors, parsers/extractors, network manipulation, etc.
- Experience developing tools to uncover focused activity leveraging large data sets.
- Experience mentoring or supervising analysts.
- Understanding of attacker methodology and methodologies used to hunt for adversarial activity.
About the job
In this role, you will identify, track and communicate the importance of state backed threats. You will conduct technical analysis of malicious software, campaigns, and the Tactics, Techniques and Procedures (TTPs) of nation-state sponsored actors. You will lead investigations against a broad set of intelligence priorities to handle a variety of assignments and situations and demonstrate full knowledge of fundamental concepts across a wide range of intelligence disciplines. You will exercise acumen in selecting and applying appropriate work methods, procedures, techniques and practices as well as develop automated techniques for tracking advanced actors.
Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. By scaling decades of frontline experience, Mandiant helps organizations to be confident in their readiness to defend against and respond to cyber threats. Mandiant is now part of Google Cloud.
The US base salary range for this full-time position is $153,000-$234,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.
Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more about benefits at Google.
- Conduct and lead comprehensive research into the Tactics, Techniques and Procedures (TTPs) and motivation of state sponsored espionage campaigns and actors.
- Develop automated techniques and tools through reverse engineering and malware analysis for the discovery, categorization, and attribution of malware and infrastructure.
- Prioritize research according to customer priorities and requests.
- Support written reporting on state sponsored espionage.
To all recruitment agencies: Google does not accept agency resumes. Please do not forward resumes to our jobs alias, Google employees or any other organization location. Google is not responsible for any fees related to unsolicited resumes.
At Google, we’re committed to building a workforce that is more representative of the users we serve and creating a culture where everyone feels like they belong. To learn more about our diversity, equity, inclusion commitments and how we’re building belonging, please visit our Belonging page for more information.
We welcome and encourage people who are expecting and/or parents-to-be to apply to this or any other role at Google.
Google is a global company and, in order to facilitate efficient collaboration and communication globally, English proficiency is a requirement for all roles.
Something looks off?