Senior Security Engineer

About the job

There's no such thing as a "safe system" - only safer systems. Our Security team works to create and maintain the safest operating environment for Google's users and developers. As a Security Engineer, you help protect network boundaries, keep computer systems and network devices hardened against attacks and provide security services to protect highly sensitive data like passwords and customer information. Security Engineers work directly with network equipment and actively monitor our systems for attacks and intrusions. You also work with software engineers to proactively identify and fix security flaws and vulnerabilities.

You use your industry experience to own and drive the resolution of complex security incidents, policy questions and technical security issues.

The Google Public Sector (GPS) Advanced Threat Protection (ATP) team's mission is to identify how to implement cloud solutions and services securely and to enhance existing security workflows using emerging technologies, such as Artificial Intelligence (AI).

The Security Architecture team is a sub-component under ATP and is focused security validation of services and systems, both internal and external to GPS, primarily through penetration testing and tool development to enable the automation of security assessments.

Security architecture team members are responsible for performing security assessments on new and existing services, enabling security automation to streamline the evaluation of attack surface, and communicate security findings and trends to all levels of engineering and leadership.

Google Public Sector brings the magic of Google to the mission of government and education with solutions purpose-built for enterprises. We focus on helping United States public sector institutions accelerate their digital transformations, and we continue to make significant investments and grow our team to meet the complex needs of local, state and federal government and educational institutions.

The US base salary range for this full-time position is $161,000-$239,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.

Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more about benefits at Google .

Responsibilities

• Work with service teams to evaluate the threat model and potential attack surface of new services or components. Understand compliance requirements and evaluate environments against those requirements.
• Create run-books to evaluate different types of services and platforms, e.g. cloud assessment vs web API assessment in a consistent manner,
  using scripting languages (Python, Ruby, Bash, etc) to parse and analyze tool output.
• Be up to date on cyber security news, trends, and common risks. Advocate best practices in interactions with Engineering teams and leadership. Understand how security policy and solutions can impact operations and ensure security solutions are non-disruptive.
• Perform penetration testing when needed to validate security controls functionality and verify alerting.
• Take actions to develop repeatable methodologies for system security evaluations.