Security Engineer, Mandiant, Reverse Engineering

Google

Google is a global technology leader providing innovative solutions in search, cloud computing, software, and digital services.

Reston, VA, USA • Cambridge, MA, USA • New York, NY, USA…

$161,000 - $239,000

Security

Mid-Level Software Engineer

In-Person

5,000+ Employees

5+ years of experience

Cybersecurity · Enterprise SaaS

Description For Security Engineer, Mandiant, Reverse Engineering

Google's Security team is seeking a Security Engineer for their Mandiant division, focusing on reverse engineering and binary analysis. This role is crucial in providing trusted reverse engineering capabilities for Google Cloud. The position involves conducting sophisticated binary analysis, both static and dynamic, across various platforms and architectures. The team's primary focus is delivering actionable threat intelligence and improving automated methodologies for greater impact.

As a Security Engineer, you'll be at the forefront of protecting Google's infrastructure, working to create and maintain the safest operating environment for users and developers. Your responsibilities will include protecting network boundaries, hardening systems against attacks, and securing sensitive data. You'll collaborate with software engineers to identify and resolve security vulnerabilities, while also managing complex security incidents and policy questions.

The role offers a competitive compensation package, including a base salary range of $161,000-$239,000, plus bonus, equity, and comprehensive benefits. This position requires strong technical expertise in security engineering, reverse engineering, and malware analysis, combined with leadership experience. You'll be part of a team that values innovation, collaboration, and technical excellence in pursuing the goal of creating safer systems.

The ideal candidate will bring 5+ years of experience in security engineering, with specific expertise in reverse engineering, security assessments, and coding. You'll work across multiple locations, contributing to Google's mission of providing industry-leading security solutions while protecting their vast user base and infrastructure. This role offers an opportunity to work on cutting-edge security challenges while making a significant impact on Google's security posture.

Last updated 3 months ago

Responsibilities For Security Engineer, Mandiant, Reverse Engineering

Perform static and dynamic binary analysis on a wide variety of platforms, architectures, and run-times
Write technical malware reports to support intrusion investigations by Mandiant Consulting, alert triage by Managed Defense, intelligence reports by Google Threat Intelligence, and more
Develop software to extract malware configurations from diverse malware families
Participate in research and development tasks for existing research initiatives with minimal assistance from executive analysts
Develop software in support of malware automation and triage

Requirements For Security Engineer, Mandiant, Reverse Engineering

Python

Linux

Bachelor's degree or equivalent practical experience
5 years of experience with security assessments or security design reviews or threat modeling
5 years of experience with security engineering, computer and network security and security protocols
5 years of coding experience in one or more general purpose languages
5 years of experience with reverse engineering
1 year of experience leading teams in a technical capacity or leading technical risk analysis in an enterprise environment
5 years of experience with encryption (preferred)

Benefits For Security Engineer, Mandiant, Reverse Engineering

Medical Insurance

Vision Insurance

Dental Insurance

Equity

401k

Medical Insurance
Vision Insurance
Dental Insurance
Equity
401k

Google

Google is a global technology leader providing innovative solutions in search, cloud computing, software, and digital services.

Reston, VA, USA • Cambridge, MA, USA • New York, NY, USA…

$161,000 - $239,000

Security

Mid-Level Software Engineer

In-Person

5,000+ Employees

5+ years of experience

Cybersecurity · Enterprise SaaS

Google

How would you implement a placement system for cars in a racing game with a circular track?

Data Structures & AlgorithmsHard

Imagine you are developing a racing game. You need to implement a system that determines the placement of each car in the race at any given moment. The race track is a circular track of a fixed length. Each car has a unique ID and a current distance traveled from the starting line. Design a function that takes a list of cars, where each car is represented by its ID and distance traveled, and returns the current placement of each car, considering the circular nature of the track. For example, if the track length is 1000 meters and a car has traveled 1200 meters, its actual position on the track is 200 meters. Consider edge cases such as multiple cars having the same position. Can you implement a function that efficiently calculates and assigns placements to the cars based on their positions on the track?

Arrays

Greedy Algorithms

Google

Design a scalable and accurate rate limiter.

System DesignMedium

Let's design a rate limiter. This is a crucial component in many systems to prevent abuse and ensure fair usage. Your rate limiter should meet these requirements: Functionality: It should limit the number of requests a user can make within a specific time window. For example, allow a user to make 10 requests per minute. Scalability: The rate limiter needs to handle a large number of users and requests concurrently. Imagine millions of users accessing the system. Accuracy: It should accurately track and enforce the rate limits. A small degree of error is acceptable, but significant deviations are not. Low Latency: The rate limiter must not introduce significant delays in request processing. The overhead should be minimal. Fault Tolerance: The system should continue to function correctly even if some components fail. It should be resilient to outages. Cost-Effectiveness: The solution should be cost-effective in terms of resources used (e.g., memory, CPU, network bandwidth). Consider these scenarios and constraints: Users are identified by a unique ID. The time window is configurable (e.g., seconds, minutes, hours). The rate limit is also configurable per user or group of users. You can use any data structures and algorithms you deem appropriate. Assume you have access to a distributed cache (e.g., Redis, Memcached). Walk me through your design. Discuss different approaches, their trade-offs, and how you would address the requirements. Specifically, consider the following: Data structures for storing request counts. Algorithms for incrementing and checking request counts. Handling concurrency and race conditions. Strategies for distributing the rate limiter across multiple servers. How to handle exceeding the rate limit (e.g., returning an error code). Monitoring and alerting. For example, if a user with ID user123 tries to make 11 requests within a minute when their limit is 10, the rate limiter should reject the 11th request. How would your system achieve this efficiently and reliably at scale?

Arrays

Strings

Two Pointers

Stacks

Binary Search

Sliding Windows

Linked Lists

Trees

Recursion

Graphs

Dynamic Programming

Greedy Algorithms

Bit Manipulation

Database Problems

Google

Describe a challenging situation you faced and how you overcame it.

Behavioral

Tell me about a time you faced a significant challenge and how you overcame it. To provide a detailed response, please consider the following: Describe the challenge:** What specific obstacles did you encounter? What made it difficult to handle? Explain your actions:** What steps did you take to address the challenge? What resources did you utilize? Did you seek help from others? Highlight your thought process:** What were your considerations when deciding on a course of action? What alternatives did you consider, and why did you choose your particular approach? Detail the outcome:** What was the result of your efforts? Did you successfully overcome the challenge? If so, what did you learn from the experience? If not, what would you do differently next time? For example, perhaps you were working on a complex software project with a tight deadline and encountered unexpected technical difficulties. Or, maybe you had to mediate a conflict between team members with differing opinions on how to approach a problem. Another example could involve learning a new programming language or technology in a short timeframe to meet a critical project requirement. When answering, be sure to provide enough context so the interviewer understands the situation and can assess your problem-solving skills, resilience, and ability to learn from challenges.

Interested in this job?

Jobs Related To Google Security Engineer, Mandiant, Reverse Engineering

Product Manager, Secret Manager

Google

Product Manager position for Google Cloud's Secret Manager, focusing on security and cloud infrastructure management.

Cloud Security Architect, Cloud and Infrastructure, Mandiant

Google

Cloud Security Architect position at Google's Mandiant, focusing on cyber defense and security transformation services, requiring Arabic and English fluency.

Technical Program Manager II, Vulnerability Assessment, Google Cloud

Google

Technical Program Manager position focusing on vulnerability assessment and security compliance for Google Cloud's public sector initiatives.

Product Manager II, Trusted Infrastructure

Google

Product Manager II position at Google focusing on Privacy Sandbox and Trusted Infrastructure initiatives, combining security expertise with product management skills.

Technical Program Manager II, Security, Core

Google

Technical Program Manager II position at Google focusing on security infrastructure and ecosystem partnerships, offering competitive compensation and opportunity to impact core Google products.