Senior Information Security Engineer, Product Security Engineering

Senior Information Security Engineer, Product Security Engineering

Manufactor:
Google
Locations:
Kirkland, WA;
New York, NY;
Seattle, WA;
Sunnyvale, CA

• Health, dental, vision, life, and disability insurance
• Retirement Benefits: 401(k) with company match
• Paid Time Off: 20 days of vacation per year, accruing 6.15 hours per pay period for the first five years of employment
• Sick Time: 40 hours per year (69 hours per year for Seattle) including 5 discretionary sick days per instance
• Maternity Leave (Short-Term Disability + Baby Bonding): 28-30 weeks
• Baby Bonding Leave: 18 weeks
• Holidays: 13 paid days per year

• Bachelor's degree or equivalent practical experience
• 5 years of experience with security engineering, computer and network security, and security protocols
• 5 years of experience with security assessments or security design reviews or threat modeling
• 5 years of coding experience in one or more general‑purpose languages
• 1 year of experience leading teams in a technical capacity or leading technical risk analysis in an enterprise environment
• Coding experience in one or more general‑purpose languages

• Experience identifying and mitigating network security risks using threat modeling and other risk identification techniques
• Experience in application security, cryptography, network security, or systems security
• Experience with C++ dynamic analysis and static code analysis
• Expertise in security assessments, vulnerability management, and security research

• Identify security issues and implement and design security controls, tools, and services to improve security systems and processes
• Perform security reviews, research and reproduce vulnerabilities, design secure protocols and systems, and write tests and fuzzers. Look for vulnerabilities with techniques including reverse engineering, fuzzing, and static analysis
• Review and develop secure operational practices, and provide security guidance for engineers and support staff. Review designs and drive toward defense in depth and security by default, both with one‑time reviews and longer‑term engagements
• Respond to vulnerabilities with reproductions, variant analysis, mitigations, and hardening. Focus on the security strategy for Google Cloud

US: $174000 - $253000 (USD) + 15% bonus target + equity + benefits

English proficiency is required for all roles unless otherwise stated in the job posting.

Google is an equal‑opportunity and affirmative‑action employer. We are committed to building a workforce that is representative of the users we serve, creating a culture of belonging, and providing an equal employment opportunity regardless of race, creed, color, religion, gender, sexual orientation, gender identity, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), expecting or parents‑to‑be, criminal histories consistent with legal requirements, or any other basis protected by law.

See also Google's EEO Policy, Know your rights: workplace discrimination is illegal, Belonging at Google, and How we hire.