There’s no such thing as a “safe system” – only safer systems. Our Security team works to create and maintain the safest operating environment for Google’s users and developers. As a Security Engineer, you help protect network boundaries, keep computer systems and network devices hardened against attacks and provide security services to protect highly sensitive data like passwords and customer information. Security Engineers work hands-on with network equipment and actively monitor our systems for attacks and intrusions. You also work with software engineers to proactively identify and fix security flaws and vulnerabilities.
The Detection Team develops and maintains the signals, tools, and infrastructure that we use, constantly evolving them to match sophisticated attackers. As part of this team, you will be building advanced and novel detection mechanisms for attacker techniques tactics and procedures, developing systems to automate remediation, conducting threat hunting, and performing network and systems forensics, as well as malware and indicator analysis.
We are responsible for handling all malicious activity on Google’s networks. We perform deep analysis of threats on our corporate, production, and acquisition environments. This is the team at Google that hunts for and helps respond to advanced (APT) attackers and insider threats. Our goal is to build a world-class fully automated detection and response machine – an automated SOC.
At Google, our users come first, and the Systems Infrastructure team is at the heart of that promise. We build the technologies that transform the way we think about doing business. Whether working on our cloud systems, researching the latest in computer technology or keeping Google’s internal systems humming, Googlers and users alike rely on us to keep things running. We’re back-end experts: protecting your privacy and ensuring your security.
- Participate in a 24/7 global operation that hunts for and responds to security events on Google’s networks.
- Perform investigations on a wide variety of events from various sources to determine whether they pose a threat to Google.
- Participate in large-scale security incidents.
- Work with teams from around Google to discover new detection capabilities and logging sources.
- BS degree in a relevant field or equivalent practical experience.
- 5 years of relevant work experience.
- Coding/scripting experience in one or more general purpose languages.
- 8 years of relevant work experience, including experience in responding to security problems in target-rich environments, looking at security alerts, front-line analysis and response.
- 8 years of relevant work experience analyzing the security of systems (penetration testing, Web Application security testing, vulnerability scanning, threat modeling, etc.).
- Programming experience in Python, C/C++, Java, or Go.
- Demonstrated expertise with malware analysis, including investigations of botnet and rootkit behavior.
- Demonstrated expertise with signals development, threat hunting, threat modeling
- Expertise in spearheading analysis of large data sets and intrusion detection systems.