Security Engineer III, Enterprise SaaS Security - Singapore

Product area

The Core team builds the technical foundation behind Google's flagship products. We are owners and advocates for the underlying design elements, developer platforms, product components, and infrastructure at Google. These are the essential building blocks for excellent, safe, and coherent experiences for our users and drive the pace of innovation for every developer. We look across Google's products to build central solutions, break down technical barriers and strengthen existing systems. As the Core team, we have a mandate and a unique opportunity to impact important technical decisions across the company.

Job description

There's no such thing as a safe system - only safer systems. Our Security team works to create and maintain the safest operating environment for Google's users and developers. As a Security Engineer, you help protect network boundaries, keep computer systems and network devices hardened against attacks and provide security services to protect highly sensitive data like passwords and customer information. Security Engineers work directly with network equipment and actively monitor our systems for attacks and intrusions. You also work with software engineers to proactively identify and fix security flaws and vulnerabilities.

You use your industry experience to own and drive the resolution of complex security incidents, policy questions and technical security issues.

Additional job description

As a Security Engineer on this team, you will be responsible for securing Google's enterprise usage of third-party SaaS platforms. You will help scale our capacity for incoming security vulnerabilities, build automated tooling to reduce manual workloads using AI, and drive risk insights and remediations. You will ensure all new SaaS launches are secure by performing security assessments and ensure the adoption of required security controls.

Qualifications

Job responsibilities

• Design and implement robust security controls, automated tools, and services to proactively identify and mitigate security risks across Google's enterprise SaaS ecosystem.
• Safeguard enterprise SaaS usage by analyzing complex threat vectors, developing defensive strategies, and hardening identity and access management controls.
• Execute comprehensive security assessments for third-party SaaS platforms, collaborating with stakeholders to ensure secure integration and adoption of rigorous security standards.
• Engineer and maintain SaaS Security Posture Management (SSPM) solutions, leveraging AI-driven automation to reduce operational toil and enhance visibility.
• Partner with cross-functional engineering teams to track and remediate vulnerabilities, ensuring a secure, scalable, and resilient operating environment.

Minimum qualifications

• Bachelor's degree or equivalent practical experience.
• 2 years of experience with security engineering, computer and network security and security protocols.
• 2 years of experience with security assessments, security design reviews, or threat modeling.
• 2 years of coding experience in one or more languages (Python, Go, SQL, Javascript).

Preferred qualifications

• Understanding of federated AuthN/AuthZ technologies (SAML, SCIM, OIDC).
• Understanding of networking concepts (protocols, topologies, encryption).
• Ability to perform technical security assessments of complex systems.
• Ability to design and develop new security control implementations.