Google

Security Engineer, Enterprise Detection Engineering

Google$147K — $211K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree or equivalent practical experience.
  • 2 years of experience with security assessments, design reviews, or threat modeling.
  • 2 years of experience in security engineering, computer and network security, and security protocols.
  • 2 years of coding in general purpose programming languages.
  • 3 years in detection engineering, security operations, or incident response (preferred).
  • Experience building detections on enterprise platforms like macOS, Linux, and Windows (preferred).
  • Familiarity with MITRE ATT&CK and threat modeling methodologies (preferred).
  • Knowledge of AI systems and concepts (preferred).

Responsibilities

  • Scope detection requirements for high-risk enterprise surfaces.
  • Design and implement detection rules for interconnected systems.
  • Assess security risks and justify detection strategies using threat intelligence.
  • Participate in post-exercise analysis to identify and remediate detection gaps.
  • Propose and implement improvements to detection engineering pipelines and frameworks.

Benefits

  • Comprehensive health and wellness programs.
  • Generous paid time off and parental leave.
  • Retirement savings with company matching.
  • Professional development and learning opportunities.
  • Access to cutting-edge technologies and projects.
Full Job Description
Minimum qualifications:
  • Bachelor's degree or equivalent practical experience.
  • 2 years of experience with security assessments or security design reviews or threat modeling.
  • 2 years of experience with security engineering, computer and network security and security protocols.
  • 2 years of coding experience in one or more general purpose languages.

Preferred qualifications:
  • 3 years of experience in detection engineering, security operations (SOC), threat hunting, or incident response.
  • Experience building and tuning detections on enterprise surfaces (macOS, Linux, Windows endpoints, Google Workspace/SaaS).
  • Familiarity with the MITRE ATT&CK framework and threat modeling methodologies.
  • Knowledge of AI and agentic systems and concepts.


About the job
Our Security team works to create and maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively monitor our systems for attacks and intrusions. In this role, you will also work with software engineers to proactively identify and fix security flaws and vulnerabilities.
The Enterprise Detection organization monitors Alphabet's first and third party endpoint platforms and systems to detect/prevent cyber threats. Our mission is to safeguard the integrity of Google's enterprise by defending the endpoint platforms our employees and systems rely on every day via engineering high-fidelity detections that protect Google from human and AI/agentic hackers and exploits at scale.

As a Security Engineer in Enterprise Detection, you will be responsible for securing Google's enterprise footprint. This includes corporate endpoints (macOS, Linux, Windows, ChromeOS), off Google and second-party/third-party entities (e.g., Aqs/Bets), and infrastructure powering internal AI services/agents. You will design, implement, and maintain high-fidelity detection to identify external threat actors and insider threats before they cause harm. You will work with minimal assistance to solve well-scoped problems involving multiple interconnected systems, collaborating closely with incident response, enterprise security, and engineering teams. You are expected to execute project work separately, participate in design discussions, and begin developing deep technical expertise in enterprise threat detection. You will be responsible for threat modeling, developing, automating, and maturing detection capabilities end-to-end.

Individual pay is determined by factors including job-related skills, experience, and relevant education or training.

US: $147000 - $211000 (USD) 15% bonus target equity benefits

Learn more about benefits at Google .

Responsibilities
  • Scope detection requirements for enterprise surfaces, focusing on high-risk areas such as Insider Exfiltration, Access Abuse, and Malicious Process Execution.
  • Design and implement detection rules for systems involving multiple interconnected components, ensuring comprehensive coverage across enterprise surfaces.
  • Assess security risks separately and justify detection strategies based on threat intelligence and risk models. Design and implement improvements to existing detections to reduce false positives, minimize resource usage (GCU, RAM, Disk), and decrease end-to-end detection latency (targeting P50 < 2 hours).
  • Participate in post-exercise analysis (e.g., Red Team, Purple Team) to identify detection gaps, document findings, and implement remediation detections.
  • Propose and implement incremental improvements to detection engineering pipelines, testing frameworks (e.g., synthetic event generation), and automation tooling.


About Google

Google is a multinational technology company that specializes in Internet-related services and products. These include online advertising technologies, search engine, cloud computing, software, and hardware. Google was founded in 1998 by Larry Page and Sergey Brin while they were Ph.D. students at Stanford University. The company has grown tremendously since then and has become one of the most valuable companies in the world. Google's mission is to organize the world's information and make it universally accessible and useful.
Learn more about Google
Size
156,500 employees
Market Cap
$1,115.4 billion
Industry
Net Income
$40.2 billion
Founded
1998
5 Year Trend
+23.3%
Revenue
$182.5 billion
NASDAQ

Similar Jobs

More Jobs at Google

More Information Technology Jobs

Find similar Security Engineer, Enterprise Detection Engineering jobs: