Google will be prioritizing applicants who have a current right to work in Singapore, and do not require Google's sponsorship of a visa.
Minimum qualifications:
- Bachelor's degree or equivalent practical experience.
- 2 years of experience in cyber security, threat intelligence, or threat analysis.
- Experience in intelligence aggregation, evaluating threat coverage gaps, or threat modeling.
- Experience with automation via coding or scripting, as well as querying data using SQL to support threat hunting or intelligence gathering.
- Ability to communicate in English fluently to support cross-team relationship management and publish high-quality advisories.
Preferred qualifications:
- Experience evaluating defensive capabilities and producing actionable threat advisories.
- Experience working collaboratively with Detection and Response (D&R) and operational teams to drive security improvements.
- Deep understanding of common attacker tactics, tools, and techniques (TTPs), as well as agentic threats and internal abuse vectors.
- Excellent problem-solving and investigative skills, with the ability to explain complex detection or control gaps to various audiences.
About The Job
In this role, you will be a key member of the newly established Threat Intelligence Operations (TIO) function. Your primary mission is to contextualize threat intelligence specifically for Alphabet. You will be responsible for providing actionable intelligence to proactively identify coverage gaps and strengthen the overall security posture of the organization.
The Core team builds the technical foundation behind Google's flagship products. We are owners and advocates for the underlying design elements, developer platforms, product components, and infrastructure at Google. These are the essential building blocks for excellent, safe, and coherent experiences for our users and drive the pace of innovation for every developer. We look across Google's products to build central solutions, break down technical barriers and strengthen existing systems. As the Core team, we have a mandate and a unique opportunity to impact important technical decisions across the company.
Responsibilities
- Combine public reporting with internal security data from sources such as threat scenarios consolidated in optimus and enterprise security intelligence .
- Evaluate known threats against current defensive and protective capabilities to identify coverage gaps, leveraging code reviews to assess the efficacy of technical defenses and detection logic.
- Conduct limited, focused manual hunting to ensure intelligence remains grounded in operational reality.
- Produce high-quality threat assessments to get threat scenarios integrated into threat catalogue and engineering roadmaps.
Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also Google's EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know by completing our Accommodations for Applicants form .
