Security Engineering Manager, Information Security Engineering
- linkCopy link
- emailEmail a friend
Minimum qualifications:
- Bachelor's degree or equivalent practical experience.
- 8 years of experience in a technical leadership role; overseeing projects, with 2 years of experience in a people management, supervision/team leadership role.
- Experience with the bug bounty lifecycle, including triage, severity assessment, and researcher community management.
Preferred qualifications:
- Master’s degree or PhD in Engineering, Computer Science, or a related technical field.
- Experience building or deploying automated tools (e.g., LLM-based agents) for security workflows such as triage automation or bug fixing.
- Experience driving large-scale security improvements and collaborating with product teams to remediate widespread technical issues.
- Proven track record of managing engineering teams and a background in software security, particularly in vulnerability reproduction and variant analysis.
About the job
There's no such thing as a "safe system" - only safer systems. Our Security team works to create and maintain the safest operating environment for Google's users and developers. As a Security Engineer, you help protect network boundaries, keep computer systems and network devices hardened against attacks and provide security services to protect highly sensitive data like passwords and customer information. Security Engineers work directly with network equipment and actively monitor our systems for attacks and intrusions. You also work with software engineers to proactively identify and fix security flaws and vulnerabilities.
You are a recognized expert in at least two security domains and use your leadership skills to manage a team that sets the direction and goals for solving Google-wide problems. You identify fundamental security problems at Google and drives major security improvements in Google infrastructure.
As the foundational Security Engineering Manager for Google Vulnerability Rewards Program (VRP) in Singapore, you will lead a team of security and software engineers. You will scale our vulnerability handling capacity by architecting AI-driven agents for triage, reproduction, and automated bug fixing. Beyond operations, you will drive unified risk reporting and lead large-scale remediation projects to eliminate entire vulnerability classes across Google.You are a proven leader with a technical foundation and broad application security expertise—spanning web, mobile, API, and threat modeling.
The Core team builds the technical foundation behind Google’s flagship products. We are owners and advocates for the underlying design elements, developer platforms, product components, and infrastructure at Google. These are the essential building blocks for excellent, safe, and coherent experiences for our users and drive the pace of innovation for every developer. We look across Google’s products to build central solutions, break down technical barriers and strengthen existing systems. As the Core team, we have a mandate and a unique opportunity to impact important technical decisions across the company.
Responsibilities
- Maintain a high level of operational independence while collaborating closely with global leads in the US and Zurich to align on technical direction.
- Oversee the Singapore-based triage and remediation rotation, ensuring effective vulnerability reproduction, severity assessment, and bug filing for incoming security reports.
- Steer the strategic development of agents and infrastructure to automate vulnerability handling, triage, and conduct variant analysis to reduce manual workloads.
- Build and maintain a unified vulnerability analysis pipeline and dashboarding system to provide executive-level insights into emerging threats and program return on investment (ROI).
- Drive large-scale remediation efforts that eliminate entire classes of vulnerabilities across Google’s products and infrastructure.
Information collected and processed as part of your Google Careers profile, and any job applications you choose to submit is subject to Google's Applicant and Candidate Privacy Policy.
Google is proud to be an equal opportunity and affirmative action employer. We are committed to building a workforce that is representative of the users we serve, creating a culture of belonging, and providing an equal employment opportunity regardless of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), expecting or parents-to-be, criminal histories consistent with legal requirements, or any other basis protected by law. See also Google's EEO Policy, Know your rights: workplace discrimination is illegal, Belonging at Google, and How we hire.
If you have a need that requires accommodation, please let us know by completing our Accommodations for Applicants form.
Google is a global company and, in order to facilitate efficient collaboration and communication globally, English proficiency is a requirement for all roles unless stated otherwise in the job posting.
To all recruitment agencies: Google does not accept agency resumes. Please do not forward resumes to our jobs alias, Google employees, or any other organization location. Google is not responsible for any fees related to unsolicited resumes.