Note: Google's hybrid workplace includes remote and in-office roles. By applying to this position you will have an opportunity to share your preferred working location from the following: In-office locations: Dublin, Ireland.Remote location(s): Ireland.Minimum qualifications:Bachelor's degree in Cybersecurity, Information Technology or equivalent practical experience.2 years of experience in a SOC environment or Information Security role.Experience with one or more EDR tools (e.g., Trellix HX, etc) or NDR tools (e.g., Trellix NX, etc).Experience in log analysis to investigate and scope security incidents.Preferred qualifications:Understanding of the stages of the attack life-cycle.Understanding of Incident Responses to contain and remediate threats.About the jobMandiant Threat Defense (MTD) was established to provide ongoing protection to customers. In this role, your goal is to deliver industry-leading detection and response capabilities to Mandiant's clients. You will be responsible for in-depth search analysis of network traffic and host activity, identifying indicators of compromise. By combining your investigative expertise with our proprietary threat intelligence, you will produce high-value compromise reports that empower organizations to neutralize threats effectively.As a Security Analyst in the MTD Security Operations Center (SOC), you will serve as the frontline defense. You will move beyond simple alert validation to conduct in-depth investigations. You will leverage Google SecOps and Mandiant's frontline intelligence to identify novel attacks.You are a part of an incredible team, who constantly strives to improve execution, automate repetitive tasks, and change the way we do security.Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone.ResponsibilitiesAnalyze real-time security events across endpoint, network, and cloud environments using a centralized analyst console and SIEM/Google SecOps platform.Perform host and network forensic analysis to support incident response efforts, understand attacker activity, and assess customer impact. Execute basic static and dynamic analysis of suspicious files to determine capabilities. Draft high-quality, technically accurate reports.Determine the severity, impact, and scope of security incidents and compromises. Isolate compromised hosts and stop lateral movement or ransomware propagation.Identify benign patterns (e.g., breach simulations, authorized admin activity) and write logic to suppress them, freeing up the team to focus on threats. Contribute to the improvement of YARA-L rules and detection logic based on the changing Threat Landscape.Work within a flexible schedule to support a 24/7 global operations environment.Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also Google's EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know by completing our Accommodations for Applicants form.