Senior Incident Response Consultant, Public Sector

Note: By applying to this position you will have an opportunity to share your preferred working location from the following: Reston, VA, USA; Austin, TX, USA; New York, NY, USA; Washington D.C., DC, USA.

• Bachelor's degree or equivalent practical experience.
• 5 years of experience with four of the following: system and network forensics or administration, threat intelligence analysis, technical IR processes, reverse engineering, enterprise security architecture.
• Experience leading Incident Response (IR) investigations, analysis, and containment actions.
• Experience communicating investigative findings and strategies to audiences.
• Coding experience in one or more general purpose languages.

• Experience in implementation and design of enterprise security architecture, security controls, and best practices.
• Experience in cloud incident response and digital forensics.
• Ability to lead clients in strategic conversations with an executive presence.
• Excellent time management skills to balance time among multiple tasks and mentor staff as needed.
• Ability to travel up to 20% of the time.

Our Security team works to create and maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively monitor our systems for attacks and intrusions. In this role, you will also work with software engineers to proactively identify and fix security flaws and vulnerabilities.

The Incident Response team within Google Public Sector drives cybersecurity resilience across the public sector, delivering proactive defensive transformations and rapidly deploying incident response to contain breaches, leveraging tangible Mandiant brand recognition value that continuously enriches GPS products and strengthens GPS's credibility as the premier public sector experts for front line against sophisticated nation-state threats.

Google Public Sector brings the magic of Google to the mission of government and education with solutions purpose-built for enterprises. We focus on helping United States public sector institutions accelerate their digital transformations, and we continue to make significant investments and grow our team to meet the complex needs of local, state and federal government and educational institutions.

The US base salary range for this full-time position is $166,000-$244,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.

Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more about benefits at Google.

• Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations.
• Identify security issues and implement and design security controls, tools, and services to improve security systems and processes.
• Recognize and codify attacker Tools, Tactics, and Procedures (TTPs) and Indicators of Compromise (IOCs) that can be applied to current and future investigations.
• Collaborate with internal and customer teams to investigate and contain incidents.

Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also Google's EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know by completing our Accommodations for Applicants form.