Security Analyst II, Threat Detection (English, Spanish)

Minimum qualifications:

• Bachelor's degree or equivalent practical experience.
  
• 4 years of experience with cyber security and/or threat analysis.
• 2 years of experience in incident analysis, malware research, SOC, or any other similar incident response experience.
• Ability to communicate in English and Spanish fluently to support client relationship management in this region.
  
• Ability to work non-standard hours and work rotations/shifts, including night shifts as required.
  

Preferred qualifications:

• Certification in Security+ or similar Cyber Security/Incident Response.
  
• Experience analyzing, triaging, and remediating common information security incidents.

Experience with automation via coding or scripting.

Understanding of common attacker tactics, tools, and techniques.

Excellent problem-solving and investigative skills.

Ability to work separately, prioritize, and multitask.

About the job

In this role, you will create and maintain the safest operating environment for Google's users and developers. You will defend network boundaries, keep computer systems and network devices hardened against attacks and provide security services to protect sensitive data (e.g., passwords and customer information). You will monitor our systems for attacks and intrusions and work to proactively identify flaws and vulnerabilities.

The Core team builds the technical foundation behind Google's flagship products. We are owners and advocates for the underlying design elements, developer platforms, product components, and infrastructure at Google. These are the essential building blocks for excellent, safe, and coherent experiences for our users and drive the pace of innovation for every developer. We look across Google's products to build central solutions, break down technical barriers and strengthen existing systems. As the Core team, we have a mandate and a unique opportunity to impact important technical decisions across the company.

Responsibilities

• Analyze security alerts in Security Information and Event Management (SIEM) and other external alert sources.
  
• Search for anomalous activity via manual hunting at Alphabet scale.
• Escalate unusual incidents to Detection and Response teams.
• Lead response efforts to low severity incidents.
• Support the response to high and medium severity security incidents as directed.