Senior Application Security Engineer

Google LLC
Mountain View, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 230K

Job location

Mountain View, United States of America

Tech stack

Java
Artificial Intelligence
Amazon Web Services (AWS)
Application Firewall
Cloud Computing
Continuous Integration
Python
Systems Development Life Cycle
Software Engineering
Systems Integration
Software Vulnerability Management
Scripting (Bash/Python/Go/Ruby)
Cloud Platform System
Large Language Models
Software Security
Kotlin
Information Technology
Tenable Nessus
Vulnerability Analysis
Programming Languages

Job description

  • Manage and optimize core application defenses, including the Web Application Firewall (WAF) and automated vulnerability scanning tools, while monitoring key security metrics.
  • Architect and maintain security gating processes within the CI/CD pipeline to ensure secure, seamless software delivery.
  • Govern and secure our growing AI pipeline within the SDLC by implementing input/output monitoring, context controls, and safety guardrails around AI-generated code.
  • Partner with development teams to remediate vulnerabilities, scale the security champions program, and co-lead our public bug bounty initiative.
  • Mentor junior engineers and analysts, and occasionally present security postures, trends, and program milestones to upper management.

Requirements

  • Bachelor's degree in Computer Science, a related technical field, or equivalent practical experience.
  • 5 years of experience with managing Web Application Firewalls (WAF) and integrating automated security gating into CI/CD pipelines.
  • Experience with vulnerability management and cloud-hosted application security scanning tools.
  • Experience collaborating directly with software development teams on threat mitigation.
  • Experience with scripting or programming languages (i.e., Python, Java, Kotlin) to automate security processes.

It's preferred if you have:

  • Experience implementing security guardrails, context controls, or monitoring for Large Language Models (LLMs) and AI-assisted development tools.
  • Experience leading or growing a security champions program or a bug bounty platform.
  • Experience mentoring junior security professionals or teaching secure coding practices to engineering teams.
  • Experience analyzing technical security risks and presenting metrics or findings to upper management.
  • Knowledge of ISP infrastructure, web-scale networks, or cloud environments (e.g., GCP, AWS).

Benefits & conditions

The US base salary range for this full-time position is between $156,900 - $229,700 + bonus + benefits. As pay varies by location, your recruiter will share more about the specific salary range for your targeted location during the hiring process.

About the company

At GFiber, we believe that great internet has the power to drive innovation, strengthen communities, enable the impossible, and do all the everyday things that make all of our world go round. And the job of creating better internet is never done - so we're growing! Our team is committed to building a place where people who want to make a difference can grow their careers and find their spot to belong. GFiber is an Alphabet company that brings Google Fiber and Google Fiber Webpass internet services to homes and businesses across the United States. Our teams are expanding as we connect more cities and people to exceptional internet.

Apply for this position