Staff Security Engineer, AI Vulnerability Research link Copy link
Advanced Experience owning outcomes and decision making, solving ambiguous problems, and influencing stakeholders; deep expertise in domain.
Apply
link Copy link
Bachelor's degree or equivalent practical experience.
8 years of experience in security engineering.
Experience in operational security risk assessments or vulnerability assessment.
Preferred qualifications: Experience supporting security attack prevention, compliance audits, and programs.
Experience in one or more programming languages suitable for security research and prototyping (e.g., Python).
Experience with security monitoring and analysis tools.
Interest and experience in mentoring junior team members.
Experience in offensive security and vulnerability research.
About the job Our Security team works to create and maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively monitor our systems for attacks and intrusions. In this role, you will also work with software engineers to proactively identify and fix security flaws and vulnerabilities.
Responsibilities Identify security vulnerabilities in Google's core AI and ML infrastructure through technical analysis, code review, design review, and fuzzing.
Conduct vulnerability research into specific components and threat areas, such as model exfiltration vectors, tampering techniques, insecure input management, or infrastructure abuse potential.
Develop proof of concept exploits and tools to demonstrate the impact and exploitability of discovered vulnerabilities. Lead and participate in offensive security exercises (e.g., Orange Team, pen tests) against critical AI systems and infrastructure.
Analyze complex system architectures and threat models related to AI development and deployment to identify systemic weaknesses and security gaps. Collaborate closely with AISS hardening engineers and ML infrastructure teams to design and validate effective mitigation for identified vulnerabilities.
Document research findings, vulnerability details, exploitation techniques, and mitigation recommendations for technical audiences.
Google is proud to be an equal opportunity and affirmative action employer. We are committed to building a workforce that is representative of the users we serve, creating a culture of belonging, and providing equal employment opportunities regardless of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related conditions (including breastfeeding), expecting or parents-to-be, criminal histories, or any other legally protected basis. See also Google's EEO Policy, Know your rights, Belonging at Google, and How we hire.
Google is a global company, and English proficiency is required for all roles unless stated otherwise.
To all recruitment agencies: Google does not accept agency resumes. Please do not forward resumes to our jobs alias, Google employees, or any other organization location. Google is not responsible for any fees related to unsolicited resumes.
#J-18808-Ljbffr