Security Engineering Manager, Enterprise SaaS Security - Singapore

Product area

The Core team builds the technical foundation behind Google's flagship products. We are owners and advocates for the underlying design elements, developer platforms, product components, and infrastructure at Google. These are the essential building blocks for excellent, safe, and coherent experiences for our users and drive the pace of innovation for every developer. We look across Google's products to build central solutions, break down technical barriers and strengthen existing systems. As the Core team, we have a mandate and a unique opportunity to impact important technical decisions across the company.

Job description

There's no such thing as a safe system - only safer systems. Our Security team works to create and maintain the safest operating environment for Google's users and developers. As a Security Engineer, you help protect network boundaries, keep computer systems and network devices hardened against attacks and provide security services to protect highly sensitive data like passwords and customer information. Security Engineers work directly with network equipment and actively monitor our systems for attacks and intrusions. You also work with software engineers to proactively identify and fix security flaws and vulnerabilities.

You are a recognized expert in at least two security domains and use your leadership skills to manage a team that sets the direction and goals for solving Google-wide problems. You identify fundamental security problems at Google and drives major security improvements in Google infrastructure.

Additional job description

The mission of Enterprise Security: SaaS (EntSec SaaS) is to protect Google's enterprise data and business processes in a third-party Software as a Service (SaaS) platform.

You will be an organizational leader, and build and lead security teams, and foster a collaborative environment to achieve collective goals. The role demands a technical foundation across security engineering, with excellent cross-functional collaboration skills, to manage the security challenges and operations. You must be able to apply on enterprise security expertise, including threat modeling, security assessments, authentication and access controls, and data protection controls, with the ability to adapt their knowledge and experience to defend against new AI-related risks.

Qualifications

Job responsibilities

• Collaborate with partner teams across security engineering.
• Oversee the operations for the Singapore-based teams responsible for assessing and reducing the impact of SaaS enterprise security risks, and assisting with the creation of well-lit paths for enterprise use of SaaS.
• Drive improvement in SaaS security posture through continuous monitoring, coverage expansion, and developing agentic solutions.
• Foster global collaboration through maintaining a high level of operational independence while collaborating closely with key partners and Office of Cybersecurity Resilience global leads in APAC and the US to align on strategy and technical direction.

Minimum qualifications

• Bachelor's degree in Computer Science or a related technical field, or equivalent practical experience.
  
• 8 years of experience with security assessments, security design reviews, or threat modeling.
• 8 years of experience with security engineering, computer and network security, and security protocols.
• 8 years of coding experience in one or more general purpose languages.
• 5 years of experience in managing a team of engineers or security professionals for an organization.

Preferred qualifications

• Experience in protecting systems, security assessments, or security testing of platforms.
• Experience prioritizing and managing across multiple time-sensitive initiatives.
• Experience designing security solutions to business problems.
• Experience managing engineering teams and a Knowledge of the relevant security domains, particularly in threat modeling, security assessments, authentication and access controls, and data protection controls.