Security Analyst I – SOC Threat Defense

About the role

As an Associate Security Analyst in Mandiant Threat Defense (MTD) SOC, you will serve as the frontline defense against advanced threats. You will move beyond simple alert validation to conduct deep‑dive investigations using Google SecOps and Mandiant’s intelligence.

Key responsibilities

• Analyze real‑time security events across endpoint, network and cloud environments using a centralized analyst console and SIEM/Google SecOps platform.
• Perform host and network forensic analysis to support incident response and understand attacker activity.
• Execute static and dynamic analysis of suspicious files to identify capabilities such as GOOTLOADER JavaScript or CORNFLAKE.V3 backdoors.
• Determine severity, impact and scope of security incidents and recommend remediation.
• Isolate compromised hosts and stop lateral movement or ransomware propagation.

Required profile

• Bachelor’s degree in Cybersecurity, Information Technology or a related field, or equivalent practical experience.
• Minimum 2 years of experience in a SOC environment or an information‑security role.
• Experience with scripting and exposure to artificial‑intelligence technologies is preferred.

Required skills

• Proficiency with SIEM and Google SecOps platforms.
• Host and network forensic analysis.
• Static and dynamic malware analysis.
• Scripting (e.g., Python, PowerShell).
• Incident response and ability to isolate compromised systems.