Security Engineer
- linkCopy link
- emailEmail a friend
Minimum qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
- 2 years of experience with AI/LLM concepts and their application to security and in one programming language (e.g., Python, Java, C/C++).
- Experience with Android operating system architecture and security principles.
- Experience in Android, Android Development, Large Language Model.
Preferred qualifications:
- Master's degree in Computer Science, Information Security, or a related technical field.
- Experience in applying Large Language Models (LLMs) to security-related tasks, such as vulnerability analysis, code review, or security automation.
- Experience contributing to or managing vulnerability reward programs (VRPs).
- Knowledge of common mobile security vulnerabilities (e.g., OWASP Mobile Top 10).
- Familiarity with Android build systems, AOSP, vulnerability databases and common security tools.
- Excellent problem-solving, communication and collaboration skills.
About the job
Our Security team works to create and maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively monitor our systems for attacks and intrusions. In this role, you will also work with software engineers to proactively identify and fix security flaws and vulnerabilities.
As a Security Engineer, you will focus on enhancing Android product security through active participation in the Vulnerability Response Program (VRP), including triage and researcher engagement. You will leverage Artificial Intelligence (AI)/Large Language Models (LLMs) to improve vulnerability pipeline efficiency, conduct in-depth security research to identify and mitigate threats, and collaborate with product teams to implement effective security solutions. You will work with centers on responding to and resolving vulnerabilities in both pre-release and in-market Android products, ensuring a robust security posture.
Google's mission is to organize the world's information and make it universally accessible and useful. Our Devices and Services team combines the best of Google AI, Software, and Hardware to create radically helpful experiences for users. We research, design, and develop new technologies and hardware to make our user's interaction with computing faster, seamless, and more powerful. Whether finding new ways to capture and sense the world around us, advancing form factors, or improving interaction methods, the Devices and Services team is making people's lives better through technology.
Responsibilities
- Maintain a seamless vulnerability pipeline and participate in the primary and secondary rotation of the VRP triage program.
- Boost Android security researcher engagement by proactively incorporating the use of Artificial Intelligence (AI)/Large Language Model (LLMs) into our VRP pipeline.
- Ensure the Security of Upcoming Android Products and provide product security consultation.
- Conduct security design reviews of Android features and perform in-depth security research on Android vulnerabilities and threat vectors to ensure the security of in-market Android products.
- Convert VRP reports into Platform mitigation solutions with prioritizations and work with the Product/Feature team to land these solutions.
Information collected and processed as part of your Google Careers profile, and any job applications you choose to submit is subject to Google's Applicant and Candidate Privacy Policy.
Google is proud to be an equal opportunity and affirmative action employer. We are committed to building a workforce that is representative of the users we serve, creating a culture of belonging, and providing an equal employment opportunity regardless of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), expecting or parents-to-be, criminal histories consistent with legal requirements, or any other basis protected by law. See also Google's EEO Policy, Know your rights: workplace discrimination is illegal, Belonging at Google, and How we hire.
If you have a need that requires accommodation, please let us know by completing our Accommodations for Applicants form.
Google is a global company and, in order to facilitate efficient collaboration and communication globally, English proficiency is a requirement for all roles unless stated otherwise in the job posting.
To all recruitment agencies: Google does not accept agency resumes. Please do not forward resumes to our jobs alias, Google employees, or any other organization location. Google is not responsible for any fees related to unsolicited resumes.