Security Engineer, Cloud Vulnerability Research
Zürich, Switzerland
Minimum qualifications:
- Bachelor's degree in Computer Science or equivalent practical experience.
- 4 years of experience in application-level vulnerability testing and code-level security auditing.
- Experience in security assessment and security analysis.
Preferred qualifications:
- Experience finding and exploiting high severity vulnerabilities.
- Knowledge of Google Cloud.
- Ability to work independently.
- Excellent written and verbal communication skills.
- Offensive security and vulnerability research background
About the job
Our Security team works to create and maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively monitor our systems for attacks and intrusions. In this role, you will also work with software engineers to proactively identify and fix security flaws and vulnerabilities.
Information Security Engineers at Google drive two goals: to find and prevent security vulnerabilities in new and existing products; and, more importantly, to promote good design and implementation practices that mitigate or prevent vulnerability classes.
Within PSE, we apply the goals towards Google Cloud Platform (GCP) products and its infrastructure. We do vulnerability research to find security issues and deep-dive on exploitability. We consult with launching teams and ensure they don’t launch with security flaws, thus boosting product excellence and user trust in our products. We work closely with GCP leads to proactively map out hazards based on product roadmaps. We evaluate high-level product design considerations that transcend any individual launch. Using security engineering practices, we remediate vulnerability classes, systemic patterns and ensure that GCP is secure-by-default. We apply this work to the full GCP stack, from supply-chain and open-source, over virtualization layers and low-level OS internals, towards high-level APIs and configurations.
In this role, you will focus on vulnerability research, exploration of security risk, and the identification of unknown bugs. A typical project identifies an under-explored area or emerging threat, locates related work, and conducts research to gain an improved understanding of the insecurity of a product, infrastructure or technology. You will also communicate results and influence the remediation of the issue.
Google Cloud accelerates every organization’s ability to digitally transform its business and industry. We deliver enterprise-grade solutions that leverage Google’s cutting-edge technology, and tools that help developers build more sustainably. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.
Responsibilities
- Identify security issues and implement and design security controls, tools, and services to improve security systems and processes.
- Technical deep-dives into various Cloud-related products, tech stacks, and infrastructure.
- Find and exploit vulnerabilities, create tools to analyze products and systems at scale, and communicate results to influence remediation, hardening, or security roadmaps/strategies of product teams.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs Audits Cloud Computer Science Exploit GCP Offensive security Security analysis Security assessment Vulnerabilities
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Manager Pentest H/F jobs
- Open Staff Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Operations Analyst jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open SaaS-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs