Security Engineering Manager, Information Security Engineering - Singapore

Product area

The Core team builds the technical foundation behind Google's flagship products. We are owners and advocates for the underlying design elements, developer platforms, product components, and infrastructure at Google. These are the essential building blocks for excellent, safe, and coherent experiences for our users and drive the pace of innovation for every developer. We look across Google's products to build central solutions, break down technical barriers and strengthen existing systems. As the Core team, we have a mandate and a unique opportunity to impact important technical decisions across the company.

Job description

There's no such thing as a safe system - only safer systems. Our Security team works to create and maintain the safest operating environment for Google's users and developers. As a Security Engineer, you help protect network boundaries, keep computer systems and network devices hardened against attacks and provide security services to protect highly sensitive data like passwords and customer information. Security Engineers work directly with network equipment and actively monitor our systems for attacks and intrusions. You also work with software engineers to proactively identify and fix security flaws and vulnerabilities.

You are a recognized expert in at least two security domains and use your leadership skills to manage a team that sets the direction and goals for solving Google-wide problems. You identify fundamental security problems at Google and drives major security improvements in Google infrastructure.

Additional job description

As the foundational Security Engineering Manager for Google Vulnerability Rewards Program (VRP) in Singapore, you will lead a team of security and software engineers. You will scale our vulnerability handling capacity by architecting AI-driven agents for triage, reproduction, and automated bug fixing. Beyond operations, you will drive unified risk reporting and lead large-scale remediation projects to eliminate entire vulnerability classes across Google.You are a proven leader with a technical foundation and broad application security expertise-spanning web, mobile, API, and threat modeling.

Qualifications

Job responsibilities

• Maintain a high level of operational independence while collaborating closely with global leads in the US and Zurich to align on technical direction.
• Oversee the Singapore-based triage and remediation rotation, ensuring effective vulnerability reproduction, severity assessment, and bug filing for incoming security reports.
• Steer the strategic development of agents and infrastructure to automate vulnerability handling, triage, and conduct variant analysis to reduce manual workloads.
• Build and maintain a unified vulnerability analysis pipeline and dashboarding system to provide executive-level insights into emerging threats and program return on investment (ROI).
• Drive large-scale remediation efforts that eliminate entire classes of vulnerabilities across Google's products and infrastructure.

Minimum qualifications

• Bachelor's degree or equivalent practical experience.
• 8 years of experience in a technical leadership role overseeing projects, with 2 years of experience in a people management, supervision/team leadership role.
• Experience with the bug bounty lifecycle, including triage, severity assessment, and researcher community management.

Preferred qualifications

• Master's degree or PhD in Engineering, Computer Science, or a related technical field.
• Experience building or deploying automated tools (e.g., LLM-based agents) for security workflows such as triage automation or bug fixing.
• Experience driving large-scale security improvements and collaborating with product teams to remediate widespread technical issues.
• Proven track record of managing engineering teams and a background in software security, particularly in vulnerability reproduction and variant analysis.