Interesting Data Gigs # 23: Get a job inside the CyberSecurity industry and skyrocket your career - Part II

Let's talk about a very interesting role at Mandiant

If you are not a subscriber of Interesting Data Gigs, join other 2130+ Data geeks (between LinkedIn and this newsletter) that receive it directly in their inbox each week — it’s free and made with Beehiiv.

Looking for a role today? Join our Interesting Data Gigs Talent Collective

It’s the perfect time to be part of The Interesting Data Gigs Talent Network, where you will find excellent Software Engineering roles from companies like Binance, Cameo, Luminary, Rocket Money (formerly known as Truebill), and more incredible organizations.

Let’s change the game together: Instead of people applying to companies, companies will pitch to you, so don’t wait any other moment and join today.

And if your company is looking for a very selected pool of candidates focused on Data Engineering, you can join as well to the Talent Collective.

Hello Data Geek.

In the first article of this series, I explained why a role inside the CyberSecurity industry could be the rocketship that you will need to revamp your career to the stratosphere.

In that article, I shared some interesting stats numbers about the future of the industry and shared some fascinating open roles at Palo Alto Networks.

Now, a promise is a promise. In the last issue, I shared that I wanted to dedicate a whole article to Mandiant.

Why? Two main reasons:

  • Because it’s an incredible organization

  • and as part of Google Cloud, they will grow even faster

Let me expand on the fact that they are part of Alphabet.

On February, 7th, 2023 Jen Fitzpatrick (Senior Vice President, Core Systems & Experiences at Google) shared this in Google’s blog:

As a company that’s been pioneering artificial intelligence (AI) for two decades, we use state-of-the-art technology to stop the majority of online threats before they emerge. We protect Gmail users from nearly 15 billion unwanted messages a day, blocking more than 99.9% of spam, phishing, and malware. Now, we’re further expanding spam protections in Google Drive. In the coming weeks, we’ll begin rolling out, in beta, a new view in Drive for content that has been automatically classified or manually reported as spam. This is similar to your spam folder in Gmail – making it easier for you to review and stay safe from unwanted content.

And Royal Hansen (Vice President of Engineering for Privacy, Safety, and Security at Google) shared that Google will distribute 100k Titan Security keys for free to high-risk individuals:

Side note here:

If you visit this link, you can find this gem:

Contact: mailto:[email protected]:

Very cool, right? And if you visit the last link, it will send you to a targeted job search on the Google Careers website, focused on Security:

That’s a very cool way to keep you informed about the last Google Security-focused roles.

But let’s concentrate on Mandiant today.

First things first: What is Mandiant?

I love the way they call themselves:

In simple terms:

It’s a company helping other companies to protect their IP from bad actors, using a dynamic cyber defense approach with a combination of services and products delivered by amazing professionals with deep expertise in the security space.

If you have followed this industry for a while, you have seen the incredible research coming from professionals inside Mandiant.

Their blog is a live probe of that statement.

Mandiant was acquired by Google in September 2022 and from my perspective, Google got an incredible asset here to bolster its security portfolio along with Chronicle Security.

About this acquisition, Thomas Kurian, the CEO of Google Cloud shared:

Today we’re excited to share the next step in this journey with the completion of our acquisition of Mandiant, a leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant shares our cybersecurity vision and will join Google Cloud to help organizations improve their threat, incident and exposure management.

Combining Google Cloud’s existing security portfolio with Mandiant’s leading cyber threat intelligence will allow us to deliver a security operations suite to help enterprises globally stay protected at every stage of the security lifecycle. With the scale of Google’s data processing, novel analytics approaches with AI and machine learning, and a focus on eliminating entire classes of threats, Google Cloud and Mandiant will help organizations reinvent security to meet the requirements of our rapidly changing world.

I completely agree with Kurian on this. With Google’s scale and Madiant’s security expertise is a marriage in heaven.

This could be the spearhead that Google Cloud needs to grab more market share in the Cloud business.


The last report from Mandiant called “Global Perspectives on Threat Intelligence" has shared some light on it.

These are some of the interesting statistics from the report:

While the report found that nearly all respondents (96%) were satisfied with the quality of threat intelligence their organization is using, respondents declared effectively applying that intelligence throughout the security organization to be one of their greatest challenges (47%). Further, almost all (98%) of those surveyed said they need to be faster at implementing changes to their cyber security strategy based on available threat intelligence

When asked about confidence in whether their organization is fully prepared to defend itself against different cyber security events, respondents felt most confident in tackling financially motivated threats, such as ransomware (91%), followed by those conducted by a hacktivist actor (89%) and nation-state actor (83%). When asked to rank which countries their organization would be unable to fully defend itself against, more than half of respondents (57%) said Russia, followed by China (53%), North Korea (52%), and Iran (44%).

Only 38% of security teams share threat intelligence with a wider group of employees for risk awareness.

A majority (79%) of respondents relayed that their organization could focus more time and energy on identifying critical trends.

What do these findings tell you?

That more organizations every single day are looking for new ways to protect themselves from all these malicious actors, and Mandiant and Google are very well positioned to offer a great security service here.

That’s why I firmly believe that joining Mandiant could be a very good career move today.

Let’s talk about the role now: Data Engineer at Mandiant

Unfortunately, the role I wanted to write about, expired. But you can read at least the description here.

This position was posted by Roman Treydin (a Recruiter Lead EMEA at Google/Mandiant). So, perhaps a good approach could be to ask Roman about it.

Let’s dissect the role piece by piece:

You will work on the Information Operations (IO) intelligence analysis team, while partnering with a small multidisciplinary group to design and implement some of our most critical research and collection projects.

You will provide innovative, pragmatic solutions to technical problems based upon data collections and processing.

You will be self-driven to learn about the security challenges we seek to address and work with members from different teams to design solutions to collect and process data to identify and expose information operations.

A key piece of information here? The name of the team you could work with: Information Operations (IO) intelligence analysis team

Increase actionability of threat intelligence reporting by helping us develop infrastructure to analyze and process large amounts of data

Collaborate with IO team to architect, develop, and manage solutions for the collection and analysis of high volumes of data.

The common denominator here? You could work with a trove of data in this role.

Required Skills:

Experience or interest in architecting data systems for large-scale data query and aggregation

Experience with different programming languages and willingness to learn new ones depending on the requirements – experience with Python strongly preferred

Experience with relational databases, such as PostgreSQL or MySQL

Experience using Search Indices and Elastic Search and dealing with Big Data

Cloud development experience (AWS, GCP or Azure)

Experience building data pipelines (e.g. Airflow, NiFi)

Distributed processing of large datasets (e.g. Spark, Presto, Athena, BigQuery)


Desired Skills:

Streaming frameworks (e.g. Kafka, Kinesis)

Graph databases (e.g. Neo4j, JanusGraph)

NoSQL databases (e.g. MongoDB, DynamoDB, Cassandra)

Another key piece of information here is inside the Desired Skills section, they put a lot of emphasis on Streaming Data Analytics and Graph Databases.

Why this matters? Because in CyberSecurity, the ability to respond faster is the biggest sale point here. So: if you can analyze the data, and give immediate insights to the customers about how to proceed here, it’s key here.

Let’s discuss two ideas on how to approach this job application (THE REAL MEAT)

Idea # 1: Study and learn how to work effectively with Google Dataflow, the Managed Product for Apache Beam on Google Cloud and other streaming analytics platforms like Apache NiFi & Apache Flink

Google Dataflow is the perfect product to work on this at Mandiant. It provides a simple and effective managed solution to analyze millions of records in record time.

So, if you learn how to use it properly in a streaming processing setting, you could do a great job here.

There are countless of code examples how to use Google Dataflow, but I will share here some of my favorite ones:

And another resource I always recommend when you have to work with Apache Beam is the amazing book from Jan Lukavský called “Building Big Data Pipelines with Apache Beam: Use a single programming model for both batch and stream data processing

Apache Flink is another interesting platform for Streaming Analytics.

And to keep you updated on all this, my top recommendation is to follow all the content produced by Tim Spann ( a developer advocate at StreamNative), especially his weekly newsletter on Medium called FLiP Stack Weekly.

Idea # 2: Chat with people inside Mandiant (not only Data Engineers and Data Analytics people) and ask which could be a good approach to get a role there

Remember: a referral is the most powerful way to get a role these days, especially in big companies like Google, Meta, Amazon, Microsoft, and more.

A good approach here could be to chat with current employees from Mandiant and invite them to a “virtual coffee”; always sharing with them that you are interested in a Data Engineering role there.

It doesn’t have to be with Data Engineers only. A more diverse approach here could be helpful because you could get inputs from a different perspective of the company.

Take notes from their inputs, and make a plan for the next 30, 60, and 90 days as you have already worked with them, and share it for free with them.

Yes: for free.

A good detailed and well-researched plan. This will prove two things:

  • You are actually committed and interested in the role

  • You are showing initiative and drive for the role

  • You are “already thinking and acting” as a Mandiant employee even when you are not full-time yet

  • This proves as well you listened carefully in the conversation you took with your insiders of the company

Some contacts to ask for a chat:

Good luck with your job application, my friend.

Other open roles in the Interesting Data Gigs Network inside the Cyber Security industry + Contacts

Interesting resources of the week

Final words

If you’re finding this newsletter valuable, consider sharing it with friends, or subscribing if you haven’t already.

Marcos out.

Join the conversation

or to participate.