Minimum qualifications:
- Bachelor's degree or equivalent practical experience.
- 2 years of experience working in security analysis, network security, intrusion detection systems, threat intelligence or threat detection.
Preferred qualifications:
- Experience in analyzing malicious network traffic, with knowledge of networking and core internet protocols (e.g., Transmission Control Protocol/Internet Protocol (TCP/IP), Hypertext Transfer Protocol (HTTP), Secure Sockets Layer (SSL)).
- Knowledge of defensive security concepts such as adversary tactics and techniques, the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework, logging, etc.
About the job
Our Security team works to create and maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively monitor our systems for attacks and intrusions. In this role, you will also work with software engineers to proactively identify and fix security flaws and vulnerabilities.
Cloud CISO Security Engineering (CCSE) is the team within the Cloud Chief Information Security Officer (CISO) organization responsible for helping ensure every product Cloud ships is secure, and increasing the assurance levels of security in the infrastructure underlying all the products. The team focuses on increasing the capabilities of each product team to develop more secure products by design.
In this role, you will be part of the team that's responsible for protecting Google and its users from attacks and abuses originating from Google Cloud Platform. You will ensure trust and reputation for the product and also for Google as a company. You will work globally and cross-functionally with multiple internal stakeholders.
Google Cloud accelerates every organization’s ability to digitally transform its business and industry. We deliver enterprise-grade solutions that leverage Google’s cutting-edge technology, and tools that help developers build more sustainably. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.
Responsibilities
- Research new detection techniques to prevent or mitigate abusive activities such as outbound security attacks, botnets, Distributed Denial-of-Service (DDoS) and other malicious behaviors which violate Google Cloud Platform (GCP) terms of service.
- Develop detections to identify malicious activity based on raw network and host-level telemetry.
- Analyze multiple logs and packets to increase the accuracy of detections.
- Hunt for threats/abusers and respond to them.
- Participate in rotating on-call schedules.