Security Engineer, Enterprise Detection Engineering

GoogleSan Jose, CA
$147,000 - $211,000

About The Position

Our Security team works to create and maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively monitor our systems for attacks and intrusions. In this role, you will also work with software engineers to proactively identify and fix security flaws and vulnerabilities. The Enterprise Detection organization monitors Alphabet's first and third party endpoint platforms and systems to detect/prevent cyber threats. Our mission is to safeguard the integrity of Google’s enterprise by defending the endpoint platforms our employees and systems rely on every day via engineering high-fidelity detections that protect Google from human and AI/agentic hackers and exploits at scale. As a Security Engineer in Enterprise Detection, you will be responsible for securing Google's enterprise footprint. This includes corporate endpoints (macOS, Linux, Windows, ChromeOS), off Google and second-party/third-party entities (e.g., Aqs/Bets), and infrastructure powering internal AI services/agents. You will design, implement, and maintain high-fidelity detection to identify external threat actors and insider threats before they cause harm. You will work with minimal assistance to solve well-scoped problems involving multiple interconnected systems, collaborating closely with incident response, enterprise security, and engineering teams. You are expected to execute project work separately, participate in design discussions, and begin developing deep technical expertise in enterprise threat detection. You will be responsible for threat modeling, developing, automating, and maturing detection capabilities end-to-end.

Requirements

  • Bachelor's degree or equivalent practical experience.
  • 2 years of experience with security assessments or security design reviews or threat modeling.
  • 2 years of experience with security engineering, computer and network security and security protocols.
  • 2 years of coding experience in one or more general purpose languages.

Nice To Haves

  • 3 years of experience in detection engineering, security operations (SOC), threat hunting, or incident response.
  • Experience building and tuning detections on enterprise surfaces (macOS, Linux, Windows endpoints, Google Workspace/SaaS).
  • Familiarity with the MITRE ATT&CK framework and threat modeling methodologies.
  • Knowledge of AI and agentic systems and concepts.

Responsibilities

  • Scope detection requirements for enterprise surfaces, focusing on high-risk areas such as Insider Exfiltration, Access Abuse, and Malicious Process Execution.
  • Design and implement detection rules for systems involving multiple interconnected components, ensuring comprehensive coverage across enterprise surfaces.
  • Assess security risks separately and justify detection strategies based on threat intelligence and risk models. Design and implement improvements to existing detections to reduce false positives, minimize resource usage (GCU, RAM, Disk), and decrease end-to-end detection latency (targeting P50 < 2 hours).
  • Participate in post-exercise analysis (e.g., Red Team, Purple Team) to identify detection gaps, document findings, and implement remediation detections.
  • Propose and implement incremental improvements to detection engineering pipelines, testing frameworks (e.g., synthetic event generation), and automation tooling.

Benefits

  • 15% bonus target
  • equity
  • benefits
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service