Google is seeking a Security Engineer to join their Access Security Team. The role focuses on uncovering access risks, gathering intelligence, and deploying measures to fortify security, while contributing to projects that redefine internal access management.
Drive the strategy for PRISM’s core pillars by identifying emerging access risks and designing technical solutions to mitigate them at scale
Architect and evolve security risk mitigation systems to enable continuous, automated assessment and remediation across Google’s infrastructure
Serve as a technical consultant for complex security challenges, guiding teams across Product Areas (PAs) to implement robust security invariants
Contribute to and lead technical execution for the Internal Access Control program suite
Qualification
Required
Bachelor's degree or equivalent practical experience
1 year of experience with security assessments or security design reviews or threat modeling
1 year of coding experience in one or more general purpose languages
Experience with security engineering within the infrastructure security or security research space
Preferred
Experience designing and implementing distributed security systems or automated remediation frameworks at scale
Experience in performing complex threat modeling for large-scale distributed systems and conducting attack path modeling and simulation to identify non-obvious lateral movement and indirect access risks
Knowledge of system hardening techniques across various layers (OS, network, and application) to enforce security invariants and reduce the attack surface of critical production services
Understanding of identity and access management (IAM), mandatory access control (MAC), principle of least privilege, and zero-trust architectures in production environments
Benefits
Bonus
Equity
Benefits
Google specializes in internet-related services and products, including search, advertising, and software. It is a sub-organization of Alphabet.