Security Engineer, Detection

There’s no such thing as a “safe system” – only safer systems. Our Security team works to create and maintain the safest operating environment for Google’s users and developers. As a Security Engineer, you help protect network boundaries, keep computer systems and network devices hardened against attacks and provide security services to protect highly sensitive data like passwords and customer information. Security Engineers work hands-on with network equipment and actively monitor our systems for attacks and intrusions. You also work with software engineers to proactively identify and fix security flaws and vulnerabilities.

The Detection Team develops and maintains the signals, tools, and infrastructure that we use, constantly evolving them to match sophisticated attackers. As part of this team, you will be building advanced and novel detection mechanisms for attacker techniques tactics and procedures, developing systems to automate remediation, conducting threat hunting, and performing network and systems forensics, as well as malware and indicator analysis.

We are responsible for handling all malicious activity on Google’s networks. We perform deep analysis of threats on our corporate, production, and acquisition environments. This is the team at Google that hunts for and helps respond to advanced (APT) attackers and insider threats. Our goal is to build a world-class fully automated detection and response machine – an automated SOC.

At Google, our users come first, and the Systems Infrastructure team is at the heart of that promise. We build the technologies that transform the way we think about doing business. Whether working on our cloud systems, researching the latest in computer technology or keeping Google’s internal systems humming, Googlers and users alike rely on us to keep things running. We’re back-end experts: protecting your privacy and ensuring your security.


  • Participate in a 24/7 global operation that hunts for and responds to security events on Google’s networks.
  • Perform investigations on a wide variety of events from various sources to determine whether they pose a threat to Google.
  • Participate in large-scale security incidents.
  • Work with teams from around Google to discover new detection capabilities and logging sources.


Minimum qualifications:

  • BS degree in a relevant field or equivalent practical experience.
  • 5 years of relevant work experience.
  • Coding/scripting experience in one or more general purpose languages.

Preferred qualifications:

  • 8 years of relevant work experience, including experience in responding to security problems in target-rich environments, looking at security alerts, front-line analysis and response.
  • 8 years of relevant work experience analyzing the security of systems (penetration testing, Web Application security testing, vulnerability scanning, threat modeling, etc.).
  • Programming experience in Python, C/C++, Java, or Go.
  • Demonstrated expertise with malware analysis, including investigations of botnet and rootkit behavior.
  • Demonstrated expertise with signals development, threat hunting, threat modeling
  • Expertise in spearheading analysis of large data sets and intrusion detection systems.

At Google, we don’t just accept difference – we celebrate it, we support it, and we thrive on it for the benefit of our employees, our products and our community. Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. If you have a disability or special need that requires accommodation, please let us know.
To all recruitment agencies: Google does not accept agency resumes. Please do not forward resumes to our jobs alias, Google employees or any other company location. Google is not responsible for any fees related to unsolicited resumes.


. . . . . . . .

Leave a Reply