Job Description

Minimum qualifications:

• Bachelor's degree in Computer Science, Information Systems, Cybersecurity or a related technical field, or equivalent practical experience.
• 5 years of experience in information security, with 3 years of experience in cloud security.
• Experience managing Wiz, or equivalent CSPM, across GCP or equivalent.
• Experience using Python.

Preferred qualifications:

• Experience with end-to-end attack lifecycle and TTPs (i.e. tactics, techniques, and procedures).
• Experience supporting incident response efforts within cloud environments, specifically using CSPM data to provide context during an investigation.
• Understanding of zero trust, identity and access management (IAM), and container security, with the ability to implement Center for Internet Security (CIS), National Institute of Standards and Technology (NIST), and Payment Card Industry Data Security Standard (PCI-DSS) frameworks.
• Ability to communicate technical risks to executives, manage projects, produce reports, draft approach papers, while creating custom dashboards to demonstrate security posture improvements.

About the job

Mandiant Security Transformation Services (STS) helps organizations build an effective security operations program that minimizes organizational risk and reduces the impact of security breaches.With targeted focus in on-prem and cloud architecture, our consultants work from initial assessment, on-site workshops to explore clients on-prem and cloud environment, configuration review of security controls, to detailed practical technical recommendations to harden the on-prem and cloud environment, enhance visibility and detection, and improve processes to reduce the risk of compromise.

In this role, you will lead the operationalization of the Wiz platform, integrating multi-cloud environments to achieve total asset visibility. You will bridge the gap between Cloud Engineering and Security Operations (SOC) by tuning misconfiguration detection rules, integrating alerts into security information and event management/security orchestration, automation, and response (SIEM/SOAR) pipelines, and defining automated remediation responses using cloud-native tools and Python/API scripting.
Beyond tooling, you will act as an advisor, mapping technical controls to industry frameworks (e.g., CIS, NIST, PCI-DSS) and translating governance principles into enforceable policies. You will deliver actionable executive reports, collaborate daily with client stakeholders to drive risk reduction, and support incident response efforts.Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone.In this role, you will lead the operationalization of the Wiz platform, integrating multi-cloud environments to achieve total asset visibility. You will bridge the gap between Cloud Engineering and Security Operations (SOC) by tuning misconfiguration detection rules, integrating alerts into security information and event management/security orchestration, automation, and response (SIEM/SOAR) pipelines, and defining automated remediation responses using cloud-native tools and Python/API scripting.
Beyond tooling, you will act as an advisor, mapping technical controls to industry frameworks (e.g., CIS, NIST, PCI-DSS) and translating governance principles into enforceable policies. You will deliver actionable executive reports, collaborate daily with client stakeholders to drive risk reduction, and support incident response efforts.In this role, you will lead the operationalization of the Wiz platform, integrating multi-cloud environments to achieve total asset visibility. You will bridge the gap between Cloud Engineering and Security Operations (SOC) by tuning misconfiguration detection rules, integrating alerts into security information and event management/security orchestration, automation, and response (SIEM/SOAR) pipelines, and defining automated remediation responses using cloud-native tools and Python/API scripting.

Responsibilities

• Serve as the embedded subject matter expert, integrating multi-cloud environments into the Wiz platform to ensure comprehensive asset visibility and effective policy configuration.
• Collaborate with SOC and cloud engineering teams to define automated remediation responses, tune misconfiguration detection rules, and integrate cloud security posture management (CSPM) alerts into existing SIEM, SOAR, and ticketing workflows.
• Configure and manage automated compliance checks against industry-standard frameworks (e.g., CIS benchmarks, NIST, PCI-DSS, GDPR) and translate governance principles into technical rule sets.
• Conduct in-depth security posture reviews, delivering technical reports and executive dashboards that translate complex findings into actionable remediation steps.
  
• Travel up to 50% as required by client engagement.