Security Engineer, Hardware Security, Cloud CISO

Security Engineer, Hardware Security, Cloud CISO

Apply

• Bachelor's degree in Computer Science, a related field, or equivalent practical experience.
• 2 years of experience in the Security field.
• Experience in a Reverse Engineering role.
• Experience with Hardware System Architecture.
• Experience with Firmware.

Preferred qualifications:

• Experience with hardware or firmware security.
• Understanding of both offensive and defensive security methods.
• Ability to influence others without authority.
• Excellent communication and documentation skills.

About the job

Our Security team works to create and maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively monitor our systems for attacks and intrusions. In this role, you will also work with software engineers to proactively identify and fix security flaws and vulnerabilities.

The Off the Shelf (OTS) Hardware Security team focuses on securing the off-the-shelf hardware/firmware used by Cloud products. We collaborate with external vendors, internal teams, and industry bodies to protect devices against hardware and firmware security threats.

Our goal is to ensure the hardware/firmware used by Google Cloud is trustworthy, enabling secure and reliable cloud services. Google Cloud serves customers in over 200 countries, providing enterprise solutions that leverage Google's cutting-edge technology to support digital transformation and business growth.

Responsibilities

• Identify critical hardware/firmware devices within Cloud for review, including devices like Hardware Security Modules, Servers, Switches, and Solid State Drives.
• Conduct comprehensive hardware and firmware security reviews of these devices.
• Develop detailed threat models and reports, presenting findings and mitigation strategies to leadership.
• Notify vendors of vulnerabilities and collaborate with them and internal teams to mitigate risks.
• Advocate for design changes in hardware and firmware based on risk assessments.
• Work with team members to develop attack scenarios, mitigation plans, and ensure methodological consistency.

Google is committed to equal opportunity employment and fostering an inclusive environment. We welcome applicants regardless of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy, or related conditions. For more information, see Google's EEO Policy and related resources.

Proficiency in English is required for all roles to facilitate global collaboration.

Note to recruitment agencies: Google does not accept unsolicited resumes and is not responsible for fees related to them.