Key skills
Google Cloud PlatformAIGCPGoogle CloudGitHub ActionsGitHubCI/CDLeadershipRisk ManagementCommunicationCollaborationOWASP
About this role
Role Overview
- Drive product security vision, strategy, and best practices across product teams
- Lead security design reviews for new and existing products to identify potential security vulnerabilities in GCP and modern AI platforms
- Collaborate with engineering to manage and improve the secure software development stack and CI/CD pipeline in Github Actions
- Manage and enhance our bug bounty programs and third-party security testing
- Evaluate vulnerability reports, prioritize remediation, and communicate findings
- Design and build threat detection, monitoring, investigation, and response architectures on the Google SecOps platform
- Monitor and evaluate operational/security alerts
- Participate in investigations and incident response activities; build playbooks
Requirements
- BS in computer science, information security, or a related field or equivalent experience
- 5-7+ years in security engineering
- Experience in growing & formalizing security programs
- Strong knowledge of GCP and Google SecOps / Security Center
- Deep understanding of threat modeling, risk management, and vulnerability assessment methodologies
- Proficiency in multiple programming languages and familiarity with secure coding practices and frameworks such as OWASP and CIS Controls (Was SANS Top 20)
- Hands-on experience with security tools and experience integrating automated security testing into CI/CD pipelines
- Excellent leadership, communication, and collaboration skills, with the ability to work effectively across diverse teams
Tech Stack
- Google Cloud Platform
Benefits
- health/dental/vision insurance
- 401(k)
- unlimited paid time off
- paid parental leave
- fertility and mental health programs