Google logo

Security Software Engineer, Systemic Remediation, Cloud CISO

Google
1 day ago
Full-time
On-site
Zürich, ZH

JobsCloseBy Editorial Insights

Google Cloud is looking for a Security Software Engineer focused on systemic remediation within the Cloud CISO Security Engineering team. This full-time onsite role requires a strong foundation in software development, testing and release, plus expertise in software design, architecture and security protocols, and a bachelor’s degree or equivalent practical experience with at least five years in these areas. Preferred candidates bring experience in complex matrixed organizations, static and dynamic analysis, consulting, and building security tooling, along with the ability to influence others and communicate clearly. You will conduct security reviews, reproduce vulnerabilities, design secure protocols, write tests and fuzzers, promote defense in depth, and respond with mitigations. To apply, tailor your resume to show ownership, cross-functional impact, measurable security outcomes, and cloud security collaboration.


Minimum qualifications:

  • Bachelor's degree or equivalent practical experience.
  • 5 years of experience in software development.
  • 5 years of experience testing, and launching software products.
  • 5 years of experience with software design and architecture.
  • 5 years of experience with security engineering, computer and network security and security protocols.

Preferred qualifications:

  • 3 years of experience working in a complex, matrixed organization involving cross-functional, or cross-business projects.
  • Experience in static analysis or dynamic analysis.
  • Consulting experience.
  • Experience building security tooling.
  • Ability to influence others.
  • Strong communication skills.

About the job

Google Cloud's software engineers develop the next-generation technologies that change how billions of users connect, explore, and interact with information and one another. We're looking for engineers who bring fresh ideas from all areas, including information retrieval, distributed computing, large-scale system design, networking and data storage, security, artificial intelligence, natural language processing, UI design and mobile; the list goes on and is growing every day. As a software engineer, you will work on a specific project critical to Google Cloud's needs with opportunities to switch teams and projects as you and our fast-paced business grow and evolve. You will anticipate our customer needs and be empowered to act like an owner, take action and innovate. We need our engineers to be versatile, display leadership qualities and be enthusiastic to take on new problems across the full-stack as we continue to push technology forward.

The Cloud Chief Information Security Office Security Engineering team is responsible for ensuring that every Google Cloud product ships as secure as possible. You will do so by increasing the assurance levels of security in the infrastructure underlying all products, increasing the capabilities of each product team to develop more secure products by design and by default, from patterns, tools, and frameworks to increasing the skill level of embedded security leads. Cloud Chief Information Security Office Security Engineering owns and drives the product security strategy for Google Cloud. You will work with almost every aspect of Google’s infrastructure and on solving planet-scale infrastructure security problems that have societal-level impacts.

Google Cloud accelerates every organization’s ability to digitally transform its business and industry. We deliver enterprise-grade solutions that leverage Google’s cutting-edge technology, and tools that help developers build more sustainably. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.

Responsibilities

  • Perform security reviews, research and reproduce vulnerabilities, design secure protocols and systems, and write tests and fuzzers.
  • Review and develop secure operational practices, and provide security guidance for engineers and support staff.
  • Review designs and drive towards defense in depth and security by default, both with one-time reviews and longer term engagements.
  • Look for vulnerabilities with techniques including reverse engineering, fuzzing, and static analysis.
  • Respond to vulnerabilities with repros, variant analysis, mitigations, and hardening.