Security Engineer, Chrome Product Security
- linkCopy link
- emailEmail a friend
Minimum qualifications:
- Bachelor's degree or equivalent practical experience.
- 2 years of experience with security assessments or security design reviews or threat modeling.
- 2 years of experience with security engineering, computer and network security and security protocols.
- 2 years of coding experience in one or more general purpose languages.
Preferred qualifications:
- Experience in security assessments, security research or vulnerability investigation, or incident response.
- Experience in developing tools.
About the job
Our Security team works to create and maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively monitor our systems for attacks and intrusions. In this role, you will also work with software engineers to proactively identify and fix security flaws and vulnerabilities.
The Product Security team is responsible for maintaining critical operations processes within the Chrome Security team, one of these being Security Reviews as part of the Chrome Launch Reviews process.
As a Security Engineer, you will be working with Chrome Security and Chrome product and engineering stakeholders for maintaining and evolving Security Reviews process and evolving tooling to optimize reviews and reduce any friction points in the Security reviews process from request to review completion, as well as any coordination communications, such as pre-escalation communications.
In this role, you will be working with the Product Security team to help maintain and coordinate updates and changes in existing automation and to build new tooling to further automate our vulnerability management and disclosure processes. You will gain knowledge of our security bug triage, vulnerability management, security fix release, and Vulnerability Reward Program (VRP) processes and working closely with the Product Security team on that and understanding requirements for existing and new tooling.
Chrome OS delivers quality computing at scale to provide universal and unfettered access to information, entertainment, and tools. Our mission is to empower anyone to create and access information freely through fast, secure, simple, and intelligent computing.
The US base salary range for this full-time position is $136,000-$200,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.
Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more about benefits at Google.
Responsibilities
- Take ownership of the Security Reviews process, collaborating with security reviewers and the owners of the other Chrome launch approval bits (e.g., leadership, privacy, legal).
- Engage teams across Chrome to help ensure their features get the appropriate level of security attention, resulting in safe, on-time, launches.
- Maintain and improve review workflows and tooling, identify friction points and work to address them for the benefit of both the Feature teams and security reviewers.
- Generate metrics and maintain dashboards related to the security reviews process, to help ensure we are meeting our Service Level Objectives (SLOs) and other obligations.
- Devise and maintain security reviews documentation and communications, such as best practices, escalation related artifacts, and security policy.
Information collected and processed as part of your Google Careers profile, and any job applications you choose to submit is subject to Google's Applicant and Candidate Privacy Policy.
Google is proud to be an equal opportunity and affirmative action employer. We are committed to building a workforce that is representative of the users we serve, creating a culture of belonging, and providing an equal employment opportunity regardless of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), expecting or parents-to-be, criminal histories consistent with legal requirements, or any other basis protected by law. See also Google's EEO Policy, Know your rights: workplace discrimination is illegal, Belonging at Google, and How we hire.
If you have a need that requires accommodation, please let us know by completing our Accommodations for Applicants form.
Google is a global company and, in order to facilitate efficient collaboration and communication globally, English proficiency is a requirement for all roles unless stated otherwise in the job posting.
To all recruitment agencies: Google does not accept agency resumes. Please do not forward resumes to our jobs alias, Google employees, or any other organization location. Google is not responsible for any fees related to unsolicited resumes.