The Security Engineer, Detection, Cloud role involves participating in a 24/7 global operation responding to security events on Google's networks.  Responsibilities include investigating events to identify threats, participating in large-scale incidents, collaborating with cross-functional teams to enhance detection capabilities, and developing advanced detection mechanisms for attacker techniques.  This role requires building automated remediation systems, conducting threat hunting, and performing forensics analysis. The successful candidate will manage malicious activity across Google's networks, analyzing threats in various environments, responding to APTs and insider threats, and building a fully automated detection and response system (automated SOC).

<p>Check out our career opportunities at goo.gle/3DLEokh</p>

Google

Senior Software Engineering Manager, Infrastructure, Google Cloud Data Management

Web Solutions Engineer, University Graduate, 2025

Security Sales Specialist, Google Public Sector

Data Center Operations Manager, Server Operations (English, Dutch)

Staff Software Engineer, Site Reliability Engineering, Google Cloud

Early Career Software Engineer, Black Community Inclusion

Account Manager, People with Disabilities (English, Portuguese)

Software Engineer, Black Community Inclusion

Software Engineer III, Site Reliability Engineering, Google Cloud

Software Engineer, People with Disabilities

<div jscontroller="iYVHDc" class="DkhPwc" jsname="tIk9qd" data-id="139454007612449478" jsaction="A6AxKc:CXOOvf;"><div class="KwJkGe"><br><h3>Minimum qualifications:</h3><ul>
<li>Bachelor's degree or equivalent practical experience.</li>
<li>2 years of coding experience in one or more general purpose languages.</li>
<li>2 years of experience with security engineering, computer and network security and security protocols.</li>
</ul><br><h3>Preferred qualifications:</h3><ul>
<li>5 years of experience in responding to security problems in aimed environments, security alerts, analysis and response.</li>
<li>Experience in programming languages (e.g., Go, Python, C/C++, or Java).</li>
<li>Experience in analysis of large data sets and intrusion detection.</li>
<li>Experience with Cloud environments, preferrably Google Cloud Platform.</li>
</ul></div><div class="aG5W3"><h3>About the job</h3><p>Our Security team works to create and maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively monitor our systems for attacks and intrusions. In this role, you will also work with software engineers to proactively identify and fix security flaws and vulnerabilities.</p>
<p>The Detection Team develops and maintains the signals, tools, and infrastructure that we use, constantly evolving them to match sophisticated attackers. <br><br>In this role, you will build advanced and novel detection mechanisms for attacker techniques tactics and procedures, develop systems to automate remediation, conduct threat hunting, and perform network and systems forensics, as well as malware and indicator analysis. You will be responsible for managing all malicious activity on Google's networks. You will perform deep analysis of threats on our corporate, production, and acquisition environments. You will help respond to Advanced Persistent Threat (APT) attackers and insider threats. You will build a fully automated detection and response machine, an automated Security Operations Center (SOC).<br></p><p>The Core team builds the technical foundation behind Google’s flagship products. We are owners and advocates for the underlying design elements, developer platforms, product components, and infrastructure at Google. These are the essential building blocks for excellent, safe, and coherent experiences for our users and drive the pace of innovation for every developer. We look across Google’s products to build central solutions, break down technical barriers and strengthen existing systems. As the Core team, we have a mandate and a unique opportunity to impact important technical decisions across the company.</p><p>The US base salary range for this full-time position is $136,000-$200,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.</p><div>Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more about .</div></div><div class="BDNOWe"><h3>Responsibilities</h3><ul>
<li>Participate in a 24/7 global operation that hunts and responds to security events on Google's networks.</li>
<li>Perform investigations on a wide variety of events from various sources to determine whether they pose a threat to Google.</li>
<li>Participate in large-scale security incidents.</li>
<li>Work with teams from across Google to discover new detection capabilities and logging sources.</li>
</ul></div></div>

Security Engineer, Detection, Cloud