Security Engineer

Google

2 - 4 years

Bengaluru

Posted: 13/06/2025

Job Description

Minimum qualifications:

Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
2 years of experience with AI/LLM concepts and their application to security and in one programming language (e.g., Python, Java, C/C++).
Experience with Android operating system architecture and security principles.
Experience in Android, Android development, large language model.

Preferred qualifications:

Master's degree in Computer Science, Information Security, or a related technical field.
Experience in applying large language models (LLMs) to security-related tasks, such as vulnerability analysis, code review, or security automation.
Experience contributing to or managing vulnerability reward programs (VRPs).
Knowledge of common mobile security vulnerabilities (e.g., OWASP Mobile Top 10).
Familiarity with Android build systems, AOSP, vulnerability databases and common security tools.
Excellent problem-solving, communication and collaboration skills.

About the job

Our Security team works to create and maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively monitor our systems for attacks and intrusions. In this role, you will also work with software engineers to proactively identify and fix security flaws and vulnerabilities.

As a Security Engineer, you will focus on enhancing Android product security through active participation in the Vulnerability Response Program (VRP), including triage and researcher engagement. You will leverage Artificial Intelligence (AI)/Large Language Models (LLMs) to improve vulnerability pipeline efficiency, conduct in-depth security research to identify and mitigate threats, and collaborate with product teams to implement effective security solutions. You will work with centers on responding to and resolving vulnerabilities in both pre-release and in-market Android products, ensuring a robust security posture.

Google's mission is to organize the world's information and make it universally accessible and useful. Our Devices and Services team combines the best of Google AI, Software, and Hardware to create radically helpful experiences for users. We research, design, and develop new technologies and hardware to make our user's interaction with computing faster, seamless, and more powerful. Whether finding new ways to capture and sense the world around us, advancing form factors, or improving interaction methods, the Devices and Services team is making people's lives better through technology.

Responsibilities

Maintain a seamless vulnerability pipeline and participate in the primary and secondary rotation of the VRP triage program.
Boost Android security researcher engagement by proactively incorporating the use of Artificial Intelligence (AI)/Large Language Model (LLMs) into our VRP pipeline.
Ensure the Security of Upcoming Android Products and provide product security consultation.
Conduct security design reviews of Android features and perform in-depth security research on Android vulnerabilities and threat vectors to ensure the security of in-market Android products.
Convert VRP reports into Platform mitigation solutions with prioritizations and work with the Product/Feature team to land these solutions.

About Company

Google is a multinational technology company founded in 1998 by Larry Page and Sergey Brin. It is best known for its search engine but also develops products and services in areas like online advertising (Google Ads), cloud computing (Google Cloud), operating systems (Android, Chrome OS), web browsers (Chrome), and consumer electronics (Pixel devices, Nest). Google is a subsidiary of Alphabet Inc., its parent company formed in 2015. It plays a major role in shaping the internet, AI, and digital innovation globally.