Security Analyst, Cloud Threat detection

Minimum qualifications:

• Bachelor's degree or equivalent practical experience.
  
• 2 years of experience with security assessments, security design reviews or threat modeling.
• 2 years of experience with security engineering, computer and network security and security protocols.
  

Preferred qualifications:

• 5 years of experience with working in security analysis, network security, intrusion detection system, threat intelligence or threat detection.
• Experience with host/memory based forensics and detections.
• Experience with analyzing malicious network traffic.
• Knowledge of defensive security concepts like adversity tactic and technique, MITRE ATT and CK framework, logging etc.
• Knowledge of networking and core internet protocols (e.g., TCP/IP, HTTP, SSL).

About the job

Our Security team works to create and maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively monitor our systems for attacks and intrusions. In this role, you will also work with software engineers to proactively identify and fix security flaws and vulnerabilities.

Product Security Engineering(PSE) is the team within the Cloud CISO organization responsible for helping to ensure every product Cloud ships is as secure as it can be and increasing the assurance levels of security in the infrastructure underlying all our products. This team will focus on increasing the capabilities of each product team to develop more secure products by design and by default, from patterns, tools and frameworks to increasing the skill level of embedded security leads.

In this role, you will be part of the team that's responsible for protecting Google and its users from attacks and abuses originating from Google Cloud Platform. You will ensure trust and reputation not only for this product, but also for Google as a broader brand and company. You will work globally and cross-functionally with several internal stakeholders.Google Cloud accelerates every organization’s ability to digitally transform its business and industry. We deliver enterprise-grade solutions that leverage Google’s cutting-edge technology, and tools that help developers build more sustainably. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.

Responsibilities

• Research new detection techniques to prevent/mitigate abusive activities such as outbound security attacks, botnet, DDoS and other malicious behaviors which violate Google Cloud Platform (GCP’s) Terms of Service.
• Develop fidelity detection to identify malicious activity based on raw network and host level telemetry.
• Analyze logs, packets to increase accuracy of detections.
• Hunt for threats/abusers and respond.