Minimum qualifications:

• 3 years of experience in Security Analysis, Networking, Windows, TCP/IP, Security and Command-Line Interface.

• 3 years of experience in security operations or system/network administration, or relevant certifications (e.g., GCIH, GCFA, GREM, CEH, CySA+, CC, etc.).

• Experience in Protocols, Log Analysis, Security Monitoring, Cyber Security, Logging and Attacks.

Preferred qualifications:

• Certifications in PEN-200/OSCP, GCFA, GREM, or GPEN.

• Experience with log management platforms, such as Splunk or Elasticsearch/Logstash/Kibana (ELK).

• Experience with cloud infrastructure such as Google Cloud Platform (GCP).

• Experience writing either host-based or network-based detections (e.g., Yara or Snort).

• Knowledge of common offensive security tools, such as: Metasploit, Cobalt Strike, Empire, PowerSploit, or CrackMapExe.

• Familiarity with enterprise IT administration tools and the “living off the land” (LotL) concept.

As a Threat Hunting Analyst, you will be responsible for monitoring, detecting, and responding to cyber-attacks at many of the world’s top companies. Your focus will be on host and network analysis, turning over every stone and looking for signs of intrusion, malware execution, and attacker activity. You will be part of an incredible team of analysts who work tirelessly to apply their security and response expertise in conjunction with threat intelligence to deliver a high-impact and value service to Managed Defense customers, providing actionable recommendations and compromise reports.

Google Cloud accelerates every organization’s ability to digitally transform its business and industry. We deliver enterprise-grade solutions that leverage Google’s cutting-edge technology, and tools that help developers build more sustainably. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.

• Develop and apply problem-solving techniques to large data sets to perform continuous hunting activities within Managed Defense customer environments for previously unidentified threats.

• Develop workflows and automations to reduce attacker dwell time and enhance Managed Defense’s threat hunting processes.

• Translate threat actor tools, techniques, and procedures (TTPs) into hunting analytics.

• Evaluate hunting analytic efficacy for tuning and promotion of analytics to alerting status.

• Utilize Mandiant and supported vendor technologies to conduct investigations and examine endpoint and network-based sources of evidence.

Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also https://careers.google.com/eeo/ and https://careers.google.com/jobs/dist/legal/OFCCPEEOPost.pdf If you have a need that requires accommodation, please let us know by completing our Accommodations for Applicants form: https://goo.gl/forms/aBt6Pu71i1kzpLHe2.