About the job

Our Security team works to create and maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively monitor our systems for attacks and intrusions. In this role, you will also work with software engineers to proactively identify and fix security flaws and vulnerabilities.

Cloud CISO Security Engineering(CCSE) is the team within the Cloud CISO organization responsible for helping ensure every product Cloud ships is as secure as it can be and increasing the assurance levels of security in the infrastructure underlying all our products. This team will also focus on increasing the capabilities of each product team to develop more secure products by design and by default, from patterns, tools and frameworks to increasing the skill level of embedded security leads.

As a Security Engineer on the Cloud Abuse Security Engineering team inside of CCSE, you will be part of the team that's responsible for protecting Google and its users from attacks and abuses originating from Google Cloud Platform. You will ensure trust and reputation not only for this product, but also for Google as a broader brand and company. You will work globally and cross-functionally with several internal stakeholders.

The US base salary range for this full-time position is $147,000-$211,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.

Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more about benefits at Google.

Responsibilities

• Research new detection techniques to prevent/mitigate abusive activities such as outbound security attacks, botnet, DDoS and other malicious behaviors which violate Google Cloud Platform (GCP) terms of service.

• Develop high fidelity detection to identify malicious activity based on raw network and host level telemetry.

• Analyze various logs, packets to increase accuracy of detections.

• Hunt for threats/abusers and respond proactively.

• Create, develop and manage tools to collect and process abuse reports and threat intelligence data.

Minimum qualifications

• Bachelor's degree or equivalent practical experience.

• 2 years of experience with security assessments or security design reviews or threat modeling.

• 2 years of experience with security engineering, computer and network security and security protocols.

• 2 years of experience with coding in one or more general purpose languages.

Preferred qualifications

• 5 years of experience working in one or more of the following areas: cloud security research, network security, intrusion detection system, threat intelligence, threat detection.
• Experience with host/memory based forensics and detections.
• Experience analyzing malicious network traffic.