Security Engineer III, Automated Vulnerability Management

Minimum qualifications:

• Bachelor's degree or equivalent practical experience.
• 2 years of experience with security assessments or security design reviews or threat modeling.
• 2 years of experience with security engineering, computer and network security and security protocols.
• 2 years of coding experience in one or more general purpose languages.

Preferred qualifications:

• Certification in Technical Security (OSCP, SANS-SEC460/SEC542/SEC560/SEC588, etc.).
• Experience as a security engineer in the vulnerability management domain.
• Experience in development with a focus on Secure Software Development Lifecycle.
• Experience in cloud security engineering.

About the Job

Our Security team works to create and maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively monitor our systems for attacks and intrusions. In this role, you will also work with software engineers to proactively identify and fix security flaws and vulnerabilities.
We run the largest vulnerability management programs in the world, focusing on the engineering needed to automatically scale these programs across hundreds of products and millions of projects and assets.
The Core team builds the technical foundation behind Google’s flagship products. We are owners and advocates for the underlying design elements, developer platforms, product components, and infrastructure at Google. These are the essential building blocks for excellent, safe, and coherent experiences for our users and drive the pace of innovation for every developer. We look across Google’s products to build central solutions, break down technical barriers and strengthen existing systems. As the Core team, we have a mandate and a unique opportunity to impact important technical decisions across the company.

• Identify security issues and implement and design security controls, tools, and services to improve security systems and processes.
• Work cross-functionally with different teams to deliver on the program's strategic outcomes.
• Drive the implementation and optimization of different scanning pipelines and capabilities as part of the different security programs, delivering highly prioritized and impactful work.
• Facilitate the continuous improvement of our scanning pipelines and capabilities.