Security Analyst, Threat Detection Operations

Minimum qualifications:

• Bachelor's degree or equivalent practical experience.
  
• 2 years of experience with security engineering, computer and network security and security protocols.
  
• 2 years of experience with security assessments, security design reviews, or threat modeling.

Preferred qualifications:

• Certification in Security+ or similar Cyber Security/Incident Response.
  
• Experience analyzing, triaging, and remediating common information security incidents.
  
• Experience with automation via coding or scripting.
  
• Understanding of common attacker tactics, tools, and techniques.
  
• Ability to work separately, prioritize, and multitask.

Excellent problem-solving, investigative, and written and verbal communication skills.

About the job

The Detection team develops and maintains the signals, tools, and infrastructure that we use, constantly evolving them to match sophisticated attackers. As part of this team, you will be conducting and leading others in security analysis, threat hunting, as well as malware and indicator analysis. We are responsible for managing all malicious activity on Google's networks. We perform analysis of threats on our enterprise, production, and cloud environments.

The Core team builds the technical foundation behind Google's flagship products. We are owners and advocates for the underlying design elements, developer platforms, product components, and infrastructure at Google. These are the essential building blocks for excellent, safe, and coherent experiences for our users and drive the pace of innovation for every developer. We look across Google's products to build central solutions, break down technical barriers and strengthen existing systems. As the Core team, we have a mandate and a unique opportunity to impact important technical decisions across the company.

Responsibilities

• Identify security issues and implement and design security controls, tools, and services to improve security systems and processes.
  
• Ensure compliance with legal mandates and internal Security and Privacypolicies.
  
• Automate workflows and develop appropriate tooling.
  
• Analyze security alerts in SIEM and other external alert sources.
  
• Search for anomalous activity via manual hunting at Alphabet scale, ensure compliance with legal mandates and internal Security and Privacypolicies. Lead response efforts to low severity incidents.