Cyber Defense Senior Detection Engineer, Mandiant, Google Cloud
Location:
California, CA, US
Company:
Google is a global technology leader focused on innovation and building products that improve user experience and connectivity.
Summary:
The Cyber Defense Senior Detection Engineer at Google will enhance the operational capabilities of the Cyber Defense Center through technology management. Applicants should have a bachelor's degree and extensive experience in detection engineering and related fields.
Requirements:
Technology: SIEM, EDR, NDR, PowerShell, Python
Hard Skills: Detection Engineering, Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), Cyber threat intelligence, Incident response
Credentials: Bachelor's degree in Computer Science, Information Systems, Cyber Security, related technical field, or equivalent practical experience.
Experience:
- 6 years of experience in a Detection Engineering or related role, working with Endpoint Detection and Response (EDR) and Security Information and Event Management (SIEM) technologies.
- Experience using multiple operating systems, directory service software, and document, spreadsheet, and presentation software.
- Experience with detection tuning and creation leveraging various security tools including SIEM, EDR, or NDR tools.
Job Description:
About the job
In this role, you will be responsible for enabling the technology and tools required to accomplish daily tasks within a Cyber Defense Center (CDC). You will collaborate with multiple cross-functional teams such as Security Architects, Security Analysts, Client Information Technology (IT) resources, and other business resource owners, to define requirements and deliver recommendations focused on technologies required to support the client's CDC. In addition, you will be responsible for maintaining the operational readiness of client SIEM, creating detection content, identifying areas for improvement, and setting appropriate configurations of the SIEM or related response technologies required for a client's security operations center (SOC) to maintain effective incident detection and response capabilities. You will also work as a member of a highly technical team in a rapidly changing environment, administer a variety of information security technologies, learn new emerging technologies, and be passionate about protecting customer data and corporate assets from the threats facing multiple industries.
Responsibilities
- Identify challenges in customer Cyber Defense Centers and formulate strategies for improvement, plan implementation of improvements, and execute/oversee plans to completion.
- Create and modify SIEM use cases and detection logic, leveraging cyber threat intelligence, written in technology-specific query language or Sigma open signature format.
- Provide expertise for SIEM and other SOC technologies that assist in incident response.
- Measure and improve alert fidelity through metrics creation, tracking, responding to tuning requests, implementing incident-specific detection logic, etc.
- Engage and collaborate with client stakeholders and other groups within the customer environment to drive resolution for security issues.
Information collected and processed as part of your Google Careers profile, and any job applications you choose to submit is subject to Google's Applicant and Candidate Privacy Policy.