At Google, we have a vision of empowerment and equitable opportunity for all Aboriginal and Torres Strait Islander peoples and commit to building reconciliation through Google’s technology, platforms and people. We welcome Indigenous applicants. Please see our Reconciliation Action Plan for more information.
Note: Google's hybrid workplace includes remote and in-office roles. By applying to this position you will have an opportunity to share your preferred working location from the following:
In-office locations: Docklands VIC, Australia; Sydney NSW, Australia.
Remote location(s): Australia; South Australia, AU.
- Bachelor's degree or equivalent practical experience.
- 5 years of experience with security assessments or security design reviews or threat modeling.
- 5 years of experience with security engineering, computer and network security and security protocols.
- 5 years of coding experience in one or more general purpose languages.
- 4 years of experience in an investigative role, including cyber threat analysis, incident response, or intrusion operations.
- Experience in graph theory, malware analysis, encoding/decoding, netflow and traffic analysis, timeline, log, and email analysis.
- Experience with commercial data sources (e.g., internet scan data, passive DNS, domain registry, malware repositories).
- Knowledge of threat hunting and pivoting techniques.
- Understanding of foundational signature and detection writing methodologies.
- Ability to develop tooling or automation with a scripting language.
Our Security team works to create and maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively monitor our systems for attacks and intrusions. In this role, you will also work with software engineers to proactively identify and fix security flaws and vulnerabilities.
- Track and assess adversaries by untangling complicated investigations using intrusion data, appliance telemetry, open source, and other third-party data sources.
- Manage time across multiple active investigations to analyze technical data to extrapolate adversary methodologies and identifiable characteristics.
- Utilize all available leads identified through investigations to provide a comprehensive understanding of the adversary’s tactics, techniques and procedures by combining different datasets for maximum impact.
- Work with multiple expert teams simultaneously in fast-paced operations to assess, cluster, and attribute seemingly disparate activity into related intrusions and campaigns.
- Communicate investigative findings through curating and modeling data, providing customer-facing attribution intelligence along with key context and analysis, and pioneer the integration of AI-driven tools to enhance analysis speed and intelligence accuracy.
Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also Google's EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know by completing our Accommodations for Applicants form.