applinity

Senior Strategic Security Consultant, Mandiant, Google Cloud (English)

at Google

Location

Utah, USA

Compensation

$138k–$200k USD

Type

full time

Posted

4 weeks ago

Remote

Yes

Tailor your résumé to this role in 30 seconds.

Free account · ATS keyword check · per-job bullet rewrite by Claude.

Tailor my résuméApply on company site

Job description

Mandiant Strategic Services is a team of expert consultants dedicated to helping organizations strengthen their defenses against cyber attacks. Our work goes beyond reacting to incidents. We focus on proactively reducing risk and building resilience. This involves a range of activities, from assessing vulnerabilities and developing response plans to creating tailored security strategies that align with business goals. We are committed to delivering innovative solutions and impactful advice, leveraging cutting-edge technology and threat intelligence. Our mission is to empower organizations to confidently protect their assets and face evolving cyber threats.

Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone.

The US base salary range for this full-time position is $138,000-$200,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.

Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more about benefits at Google.

Responsibilities

  • Drive and execute strategic security consulting engagements, delivering prioritized results aligned with client risk profiles and executing threat-led security assessments leveraging standards like NIST AI RMF, ISO 42001, and Google SAIF.
  • Pioneer AI landscape discovery, mapping enterprise and "shadow AI" tools, and educating stakeholders on critical real-world AI threats (e.g., prompt injection, agentic threats) using frontline intelligence.
  • Define non-negotiable "safe to ship" thresholds and metrics for model bias and explainability, and mandate necessary Test, Evaluation, Verification, and Validation (TEVV) requirements.
  • Perform critical gap analyses on existing SOC and Incident Response (IR) playbooks, stress-testing against AI-specific scenarios, and defining requisite logging and telemetry for detection.
  • Architect and secure MLOps Pipelines, providing technical blueprints for automated CI/CD security gates and LLM firewalls, while assessing supply chain risks for third-party and open-source AI models.

Minimum qualifications:

  • Bachelor's degree in Computer Science, Information Systems, Cybersecurity, a related technical field, or equivalent practical experience.
  • 5 years of experience assessing and developing cybersecurity solutions and programs across security domains.
  • 5 years of experience in delivering cyber outcomes, identifying mission risks, and devising solutions.
  • Ability to travel up to 30%.
  • Ability to communicate in English fluently to work with internal partners and customer teams.

Preferred qualifications:

  • Certifications related to specific cloud platforms.
  • Experience with cloud governance, with the ability to convey governance principles to cloud computing in terms of policies.
  • Experience evaluating and conducting gap analyses on existing SOC/IR playbooks to stress-test them against AI-specific threat scenarios, and the ability to define distinct logging and telemetry detection requirements.
  • Proficiency in designing and optimizing AI governance operating models (e.g., centralized vs. federated structures) and developing Acceptable Use Policies (AUPs).
  • Ability to assess AI supply chain risks and create secure procurement rules and vendor due diligence requirements.
Note: Google's hybrid workplace includes remote roles.

Remote location: Utah, USA.