Security Engineer III, Product Security
Zürich, Switzerland
Minimum qualifications:
- Bachelor's degree in Computer Science, related discipline, or equivalent practical experience
- 5 years of experience in the Security field
- Experience with Hardware System Architecture
- Experience with Firmware
- Experience in a Reverse Engineering role
Preferred qualifications:
- Experience with hardware or firmware security
- Understanding of both offensive and defensive security methods
- Excellent communication and documentation skills
- Proven track record influencing others without authority (especially external parties)
About the job
Our Security team works to create and maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively monitor our systems for attacks and intrusions. In this role, you will also work with software engineers to proactively identify and fix security flaws and vulnerabilities.
The Product Security team is within the Cloud CISO organization and is responsible for helping ensure every product Cloud ships is as secure as it can be, and for increasing the assurance levels of security in the infrastructure underlying all Cloud products (which includes hardware/firmware).
The OTH-Hardware team within PSE specializes on the hardware underpinning Cloud products. The OTS-HS team has the ambitious strategic mission to protect the world's devices against all hardware and firmware security threats.
The OTS Hardware Security team focuses on securing the off-the-shelf hardware/firmware used by Cloud products. We work with a wide range of other external vendors, internal teams, and industry bodies to protect devices against all hardware and firmware security threats.OTS Hardware Security team cares deeply about protecting the hardware/firmware used by Google Cloud products so that the upper layers of the stack can consider it trustworthy.
Google Cloud accelerates every organization’s ability to digitally transform its business and industry. We deliver enterprise-grade solutions that leverage Google’s cutting-edge technology, and tools that help developers build more sustainably. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.
The Product Security team is within the Cloud CISO organization and is responsible for helping ensure every product Cloud ships is as secure as it can be, and for increasing the assurance levels of security in the infrastructure underlying all Cloud products (which includes hardware/firmware).
The OTH-Hardware team within PSE specializes on the hardware underpinning Cloud products. The OTS-HS team has the ambitious strategic mission to protect the world's devices against all hardware and firmware security threats.
The OTS Hardware Security team focuses on securing the off-the-shelf hardware/firmware used by Cloud products. We work with a wide range of other external vendors, internal teams, and industry bodies to protect devices against all hardware and firmware security threats.OTS Hardware Security team cares deeply about protecting the hardware/firmware used by Google Cloud products so that the upper layers of the stack can consider it trustworthy.
Responsibilities
- Scope out and identify business critical hardware/firmware devices within Cloud for team review. Perform in-depth and holistic hardware and firmware security review of critical business devices (e.g., HSMs, Servers, Switches, SSDs).
- Write detailed threat models and reports to support and augment reviews. Present the risk findings and risk mitigation recommendations to technical and organizational leadership across different organizations.
- Inform vendors of the hardware and firmware vulnerabilities found in their devices. Partner with vendor and internal teams in order to effectively mitigate identified risks.
- Partner with device vendors to advocate for necessary design changes to hardware and firmware. Design changes due to risk findings both internally and to the vendor.
- Collaborate closely with team members to come up with new attack scenarios, mitigation, vendor collaboration strategies, and to ensure consistency in team approach and methodology.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CISO Cloud Computer Science GCP Product security Reverse engineering Vulnerabilities
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Cloud Security Architect jobs
- Open Product Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Information Security Officer jobs
- Open Senior Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Ethical hacker / Pentester H/F jobs
- Open IT Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Cybersecurity Consultant jobs
- Open Security Operations Analyst jobs
- Open Security Consultant jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Information System Security Officer jobs
- Open Senior Network Security Engineer jobs
- Open CISM-related jobs
- Open C-related jobs
- Open Risk assessment-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Analytics-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open DoD-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open DevOps-related jobs
- Open Splunk-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open IPS-related jobs
- Open Kubernetes-related jobs