Senior Information Security Engineer, Offensive Security, Red Team

Minimum qualifications:

• Bachelor's degree or equivalent practical experience.
• 5 years of experience with security assessments or security design reviews or threat modeling.
• 5 years of experience with security engineering, computer and network security and security protocols.
• 5 years of coding experience in one or more general purpose languages.
• 1 year of experience leading teams in a technical capacity or leading technical risk analysis in an enterprise environment.

Preferred qualifications:

• Master's degree in Computer Science or a related technical field.
• Experience in offensive security.
• Experience in pen testing or red teaming.
• Experience in Software development in C++, Go, or Python.
• Knowledge of, security engineering, computer and network security, authentication, security protocols and applied cryptography.

About the job

Our Security team works to create and maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively monitor our systems for attacks and intrusions. In this role, you will also work with software engineers to proactively identify and fix security flaws and vulnerabilities.

We're growing our Red Team and are looking for engineers who can perform realistic offensive security exercises to simulate real attacks, to test and improve our detection and response capabilities, and to identify how attackers could infiltrate and move inside our infrastructure.

In this role, with your technical expertise, you will come up with scenarios that advanced adversaries might try to compromise our security, and execute these attacks in a safe manner and in accordance with our rules of engagement. As a member of the offensive security team, you will both emulate the techniques used by known hacker groups, and come up with new techniques that adversaries might attempt in the future. After each exercise you will thoroughly document any findings, and present the results to colleagues as well as leadership. You will not only enjoy breaking things, but also building and fixing things and also work closely with members of the blue teams to improve our detection capabilities, and other parts of security team and affected product teams to design defense-in-depth controls that limit attackers' ability to move inside our network and by using your excellent judgement, you suggest improvements where they are most impactful.The US base salary range for this full-time position is $166,000-$244,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.

Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more about benefits at Google.

Responsibilities

• Work with a team of skilled hackers to plan and lead realistic offensive security exercises.
• Build tools and infrastructure to support our exercises.
• Design controls and improvements to sharpen our capabilities to defend against attackers in close cooperation with the teams responsible for implementing them.
• Document and present results to a variety of audiences, ranging from technical engineers over non-technical subject matter experts to executive leadership.