Information Security Engineer, Product Security - Singapore

Product area

The Core team builds the technical foundation behind Google's flagship products. We are owners and advocates for the underlying design elements, developer platforms, product components, and infrastructure at Google. These are the essential building blocks for excellent, safe, and coherent experiences for our users and drive the pace of innovation for every developer. We look across Google's products to build central solutions, break down technical barriers and strengthen existing systems. As the Core team, we have a mandate and a unique opportunity to impact important technical decisions across the company.

Job description

There's no such thing as a safe system - only safer systems. Our Security team works to create and maintain the safest operating environment for Google's users and developers. As a Security Engineer, you help protect network boundaries, keep computer systems and network devices hardened against attacks and provide security services to protect highly sensitive data like passwords and customer information. Security Engineers work directly with network equipment and actively monitor our systems for attacks and intrusions. You also work with software engineers to proactively identify and fix security flaws and vulnerabilities.

You use your industry experience to own and drive the resolution of complex security incidents, policy questions and technical security issues.

Additional job description

The new Singapore-based team will be dedicated to scaling our operations and risk reduction efforts through advanced automation and remediation.

In this role, you will be a builder and a breaker, fostering a collaborative environment to achieve collective goals. You will have a technical foundation and cross-functional collaboration skills to manage complex security challenges and operations. You should have a breadth of application security experience: web security, mobile security, API security, authentication and access control, threat modeling, conducting security assessments, etc.

Qualifications

Job responsibilities

• Develop agents and infrastructure to automate vulnerability handling, triage, and conduct variant analysis to reduce manual workloads.
• Contribute to the Singapore-based triage and remediation rotation, ensuring effective vulnerability reproduction, severity assessment, and bug filing for incoming security reports.
• Build and maintain a unified vulnerability analysis pipeline and dashboarding system to provide executive-level insights into emerging threats and program return on investment (ROI).

Minimum qualifications

• Bachelor's degree or equivalent practical experience.
• 2 years of experience with security assessments or security design reviews or threat modeling.
• 2 years of experience with security engineering, computer and network security and security protocols.
• 2 years of coding experience in one or more general purpose languages.

Preferred qualifications

• 1 year of experience in leading technical risk analysis in an enterprise environment.
• Experience building or deploying automated tools (e.g., large language model based agents) for security workflows such as triage automation or bug fixing.
• Experience with cross-functional or cross-product teams.
• Experience consulting on security/security protocols.
• Excellent communication skills.