Job DetailsFull-timeEstimated: $96,000 – $130,000 a year12 hours ago
Bachelor’s degree in a technical discipline or equivalent practical experience
2 years of experience in testing the security of software systems
2 years of experience in software security analysis, code auditing, and product reviews
Experience in security engagement testing and security evaluation (Web, apps, APIs)
Experience in analyzing and responding to vulnerabilities
Technical knowledge of Web technologies, software services, authentication protocols, and network security
Effective communication skills
About the job
The goal of the Device and Services, Security and Privacy team is to ensure that all business units within our product area, including Google Nest, Fitbit, and Stadia develop and maintain trustworthy products.
Our team drives the security development lifecycle of new products from concept to launch in collaboration with multiple product and engineering teams. As part of the team, you will analyze software services, on-device software/firmware, Web interfaces, apps, and components to detect and fix vulnerabilities that could allow bad actors to compromise our users’ data or Google systems. You will also build software security technologies, co-designs features and services, supports vulnerabilities and incident response, and provides technical consulting services.
In this role, you will an opportunity to define a high standard software security bar for multiple products and technologies. You will be able to set the technical direction of our software security program, identify, develop, and customize tools for the job, influence architecture and design, conduct security research, and drive the adoption of best practices throughout the organization to ensure that Web, mobile app, Application Programming Interface (APIs), and backend software are secure.
Conduct threat modeling, design reviews, and code reviews for software services, APIs, infrastructure components, and tools.
Plan and execute functional security testing and engagement testing, and update testing plans to ensure known vulnerabilities will not resurface.
Analyze vulnerabilities, rate their severity, propose/review fixes.
Provide technical guidance to ensure that product features and services are built with security in mind.
Respond to incidents in collaboration with other product, security and privacy teams at Google.
Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also Google’s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know by completing this form.