Explore Career Opportunities with GSV’s world-class partners

Powered By

Nu Advisory Partners

Senior Security Researcher, Mandiant



Posted on Wednesday, May 24, 2023

Google will be prioritizing applicants who have a current right to work in Singapore, and do not require Google's sponsorship of a visa.


Minimum qualifications:

  • 4 years of experience in malware analysis, incident response, red teaming, network security, forensic analysis, or threat intelligence.
  • Experience with one scripting or programming language (i.e., Python, C, or Rust).
  • Experience detecting TTPs on endpoints and servers, in the cloud or on premise.

Preferred qualifications:

  • Ability to set and manage expectations with executive stakeholders and team members.
  • Excellent leadership skills with the ability to prioritize and execute independently.
  • Exceptional written and verbal communication skills with the ability to present to technical and non-technical audiences.
  • Self-driven, creative, and a team-player with excellent problem solving, troubleshooting, and analysis skills.

About the job

The Research and Discovery team focuses on researching and following the evolution of techniques used by adversaries. The key task is to find new adversary techniques through technical research of methodologies and use it to surface new compromises, malware and threat groups while scaling the teams effort via as much automation as possible in both finding, labelling, and parsing threat data.

Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. By scaling decades of frontline experience, Mandiant helps organizations to be confident in their readiness to defend against and respond to cyber threats. Mandiant is now part of Google Cloud.


  • Research and analyze threat data to extract adversary techniques (e.g. TTPs) from security data and malware to expand Google’s knowledge, build detections, and identify potential victims. Focus on technique/methodology and run across file, endpoint, network, and cloud in formats like Yara, Yara-L, Snort, and OpenIOC.
  • Perform in depth investigation and interrogation of telemetry data across a wide range of sources.
  • Support efforts of different internal teams, including incident response engagements, with technical research.
  • Take initiative to dive into new areas of research relating to potential actor techniques, tools, etc. to identify novel threats, enable our automations, and enhance our threat data collection/labeling.
  • Document findings internally, improve workflows, and develop automation to improve efficiency and efficacy when working with security data. Publish research findings on blogs and other public formats where applicable.

Information collected and processed as part of your Google Careers profile, and any job applications you choose to submit is subject to Google's Applicant and Candidate Privacy Policy.

To all recruitment agencies: Google does not accept agency resumes. Please do not forward resumes to our jobs alias, Google employees or any other organization location. Google is not responsible for any fees related to unsolicited resumes.

At Google, we’re committed to building a workforce that is more representative of the users we serve and creating a culture where everyone feels like they belong. To learn more about our diversity, equity, inclusion commitments and how we’re building belonging, please visit our Belonging page for more information.

We welcome and encourage people who are expecting and/or parents-to-be to apply to this or any other role at Google.

Google is a global company and, in order to facilitate efficient collaboration and communication globally, English proficiency is a requirement for all roles.