Google logo

Security Engineer, AI Agent Security

Google
Full-time
On-site
Zürich, ZH

JobsCloseBy Editorial Insights

Google is seeking a Security Engineer for AI Agent Security to join the Secure AI Framework (SAIF) team onsite in Zurich, Switzerland, defending AI agents and LLM powered systems like Gemini and Workspace AI. The role blends research and engineering: identifying novel threats, prototyping mitigations, and collaborating with software engineers to deploy defenses. Minimum qualifications include a Bachelor's degree or equivalent, two years in security assessments or threat modeling, two years in security engineering and network security, and two years of coding in a general purpose language. Preferred candidates have advanced degrees with a security or AI/ML focus and a track record of AI security research or publications. To apply, tailor your resume to show concrete research, proofs of concept, and deployments, highlight collaboration across teams and any practical experience with LLM architectures or SAIF related work, and mention relevant CVEs, talks, or open source contributions.

Minimum qualifications:

  • Bachelor's degree or equivalent practical experience.
  • 2 years of experience with security assessments or security design reviews or threat modeling.
  • 2 years of experience with security engineering, computer and network security and security protocols.
  • 2 years of coding experience in one or more general purpose languages.

Preferred qualifications:

  • Master's or PhD degree in Computer Science or a related technical field with a specialization in Security, AI/ML, or a related area.
  • Experience in Artificial Intelligence/Machine Learning (AI/ML) security research, including areas like adversarial machine learning, prompt injection, model extraction, or privacy-preserving ML.
  • Track record of security research contributions (e.g., publications in relevant security/ML venues, CVEs, conference talks, open-source tools).
  • Familiarity with the architecture and potential failure modes of LLMs and AI agent systems.

About the job

Our Security team works to create and maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively monitor our systems for attacks and intrusions. In this role, you will also work with software engineers to proactively identify and fix security flaws and vulnerabilities.

Google's Secure AI Framework (SAIF) team is at the forefront of AI Agent Security. You'll pioneer defenses for systems like Gemini and Workspace AI, addressing novel threats unique to autonomous agents and Large Language Models (LLMs), such as advanced prompt injection and adversarial manipulation.

In this role, your responsibilities include researching vulnerabilities, designing innovative security architectures, prototyping mitigations, and collaborating to implement solutions. This role requires security research/engineering skills, an attacker mindset, and systems security proficiency. You will help define secure development practices for AI agents within Google and influence the broader industry in this evolving field.

Responsibilities

  • Conduct research to identify, analyze, and understand novel security threats, vulnerabilities, and attack vectors targeting AI agents and underlying LLMs (e.g., advanced prompt injection, data exfiltration, adversarial manipulation, attacks on reasoning/planning).
  • Design, prototype, evaluate, and refine innovative defense mechanisms and mitigation strategies against identified threats, spanning model-based defenses, runtime controls, and detection techniques.
  • Develop proof-of-concept exploits and testing methodologies to validate vulnerabilities and assess the effectiveness of proposed defenses and stay current within AI security, adversarial ML, and related security fields through literature review, conference attendance, and community engagement.
  • Collaborate with engineering and research teams to translate research findings into practical, security solutions deployable across Google's agent ecosystem.
  • Document research findings, contribute to internal knowledge sharing, security guidelines, and potentially external publications or presentations.