Google

Security Engineer, Enterprise Detection Engineering

place San Jose, CA, USA

Found: Today

Security Engineer, Enterprise Detection Engineering

About the job

Our Security team works to create and maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively monitor our systems for attacks and intrusions. In this role, you will also work with software engineers to proactively identify and fix security flaws and vulnerabilities.

The Enterprise Detection organization monitors Alphabet's first and third party endpoint platforms and systems to detect/prevent cyber threats. Our mission is to safeguard the integrity of Googleโ€™s enterprise by defending the endpoint platforms our employees and systems rely on every day via engineering high-fidelity detections that protect Google from human and AI/agentic hackers and exploits at scale.

As a Security Engineer in Enterprise Detection, you will be responsible for securing Google's enterprise footprint. This includes corporate endpoints (macOS, Linux, Windows, ChromeOS), off Google and second-party/third-party entities (e.g., Aqs/Bets), and infrastructure powering internal AI services/agents. You will design, implement, and maintain high-fidelity detection to identify external threat actors and insider threats before they cause harm. You will work with minimal assistance to solve well-scoped problems involving multiple interconnected systems, collaborating closely with incident response, enterprise security, and engineering teams. You are expected to execute project work separately, participate in design discussions, and begin developing deep technical expertise in enterprise threat detection. You will be responsible for threat modeling, developing, automating, and maturing detection capabilities end-to-end.

Individual pay is determined by factors including job-related skills, experience, and relevant education or training. US: $147000 - $211000 (USD) + 15% bonus target + equity + benefitsLearn more about benefits at Google.

Minimum qualifications:

  • Bachelor's degree or equivalent practical experience.
  • 2 years of experience with security assessments or security design reviews or threat modeling.
  • 2 years of experience with security engineering, computer and network security and security protocols.
  • 2 years of coding experience in one or more general purpose languages.

Preferred qualifications:

  • 3 years of experience in detection engineering, security operations (SOC), threat hunting, or incident response.
  • Experience building and tuning detections on enterprise surfaces (macOS, Linux, Windows endpoints, Google Workspace/SaaS).
  • Familiarity with the MITRE ATT&CK framework and threat modeling methodologies.
  • Knowledge of AI and agentic systems and concepts.

Responsibilities

  • Scope detection requirements for enterprise surfaces, focusing on high-risk areas such as Insider Exfiltration, Access Abuse, and Malicious Process Execution.
  • Design and implement detection rules for systems involving multiple interconnected components, ensuring comprehensive coverage across enterprise surfaces.
  • Assess security risks separately and justify detection strategies based on threat intelligence and risk models. Design and implement improvements to existing detections to reduce false positives, minimize resource usage (GCU, RAM, Disk), and decrease end-to-end detection latency (targeting P50 < 2 hours).
  • Participate in post-exercise analysis (e.g., Red Team, Purple Team) to identify detection gaps, document findings, and implement remediation detections.
  • Propose and implement incremental improvements to detection engineering pipelines, testing frameworks (e.g., synthetic event generation), and automation tooling.

Get jobs like this in your inbox daily

Fresh FAANG jobs, every day, filtered for your role and location.

Apple Google Amazon Meta OpenAI Microsoft Nvidia Stripe TikTok Netflix Uber Airbnb Booking Spotify Canva Pinterest
or use email

Similar Big Tech Jobs - Posted in the Past 24h

๐Ÿ” Google

Security Engineer, Detection

place Reston, VA, USA
๐Ÿง  Anthropic

Software Security Engineering Manager, Secure Frameworks

San Francisco, CA | Seattle, WA
๐Ÿ›’ Amazon

Security Engineer, AmSec

Arlington, VA, USA, Austin, TX, USA, Seattle, WA, USA

Same role, other locations

๐ŸฆŠ GitLab

Senior Security Engineer, Security Incident Response Team (SIRT) - EMEA

Remote, Israel; Remote, United Kingdom
๐ŸฆŠ GitLab

Staff Infrastructure Security Engineer (APAC, EMEA, or US)

Remote, India; Remote, Israel; Remote, United Kingdom; Remote, US
Stanislav Prigodich

Hey, I'm Stan

Software Developer & Creator of Top Jobs Today

I'm a software developer, and over time I realized I cared mostly about roles at big tech companies - not just whatever happened to show up on LinkedIn or generic job boards. But those sources weren't enough - some roles were delayed, or never posted at all.

So I built this website to solve that. It scrapes fresh job postings directly from official company sites, figures out what kind of roles they really are, and sends them as email alerts - simple, fast, and focused.

Hope it makes your search easier too. Wishing you the best of luck - and I'm really glad you're here!