Security Engineer

Minimum qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
• 2 years of experience with AI/LLM concepts and their application to security and in one programming language (e.g., Python, Java, C/C++).
• Experience with Android operating system architecture and security principles.
• Experience in Android, Android development, large language model.
  
  

Preferred qualifications:

• Master's degree in Computer Science, Information Security, or a related technical field.
• Experience in applying large language models (LLMs) to security-related tasks, such as vulnerability analysis, code review, or security automation.
• Experience contributing to or managing vulnerability reward programs (VRPs).
• Knowledge of common mobile security vulnerabilities (e.g., OWASP Mobile Top 10).
• Familiarity with Android build systems, AOSP, vulnerability databases and common security tools.
• Excellent problem-solving, communication and collaboration skills.
  
  

About The Job

Our Security team works to create and maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively monitor our systems for attacks and intrusions. In this role, you will also work with software engineers to proactively identify and fix security flaws and vulnerabilities.

As a Security Engineer, you will focus on enhancing Android product security through active participation in the Vulnerability Response Program (VRP), including triage and researcher engagement. You will leverage Artificial Intelligence (AI)/Large Language Models (LLMs) to improve vulnerability pipeline efficiency, conduct in-depth security research to identify and mitigate threats, and collaborate with product teams to implement effective security solutions. You will work with centers on responding to and resolving vulnerabilities in both pre-release and in-market Android products, ensuring a robust security posture.

Google's mission is to organize the world's information and make it universally accessible and useful. Our Devices and Services team combines the best of Google AI, Software, and Hardware to create radically helpful experiences for users. We research, design, and develop new technologies and hardware to make our user's interaction with computing faster, seamless, and more powerful. Whether finding new ways to capture and sense the world around us, advancing form factors, or improving interaction methods, the Devices and Services team is making people's lives better through technology.

Responsibilities

• Maintain a seamless vulnerability pipeline and participate in the primary and secondary rotation of the VRP triage program.
• Boost Android security researcher engagement by proactively incorporating the use of Artificial Intelligence (AI)/Large Language Model (LLMs) into our VRP pipeline.
• Ensure the Security of Upcoming Android Products and provide product security consultation.
• Conduct security design reviews of Android features and perform in-depth security research on Android vulnerabilities and threat vectors to ensure the security of in-market Android products.
• Convert VRP reports into Platform mitigation solutions with prioritizations and work with the Product/Feature team to land these solutions.
  
  
  

Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also Google's EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know by completing our Accommodations for Applicants form .