Security Engineer Lead, Reverse Engineering

About Google Operations Center

At Google Operations Center we help Google users and customers solve problems and achieve their goals—all while enjoying a culture focused on improving continuously and being better together. We work hard, we play hard, and we want you to join us!

The Role: Security Engineer Lead, Reverse Engineering

As a Team Lead for Reverse Engineering on the Android Security Operations team focusing on preloaded applications, you will be part of a cross functional team that is the first line of defense against harmful applications in the Android ecosystem. You will work closely with teams of Security Engineers to review potentially malicious applications, develop automated detection systems that leverage state-of-the-art static and dynamic analysis tools and, leveraging machine learning and technical contractor review teams to scale. You will provide technical expertise to influence new Android policies, tackle complex technical investigations, and engage in impactful work that protects billions of users all over the world.

Position Responsibilities

• Manage team of Reverse Engineers comprising of junior and senior analysts
• Reverse Engineer Android applications, native libraries, and system binaries using static and dynamic tools like IDA or Ghidra
• Investigate threats to the Android ecosystem and provide technical consultation in developing new policies, detection signatures and automations by understanding and prioritizing strong security and privacy for users while also considering developer and user experience
• Analyze the effectiveness of current static and dynamic analysis systems and make recommendations for improvement
• Investigate new malware techniques and develop automated detection for new malicious behaviors and IOCs
• Analyze telemetry data to look for anomalies that may indicate abusive or unwanted software
• Develop review process and educational material for large reverse engineering contractor teams
• Demonstrate strong functional leadership by mentoring security analysts / engineers, setting technical direction and priorities for the team
• Conduct investigations to identify new harmful behaviors, enforce product policies, and analyze distribution trends
• Collaborate with cross-functional groups such as Engineering, Policy and Legal to update policies, fix product loopholes, and provide users with a better mobile experience
• Articulate key findings in comprehensive white papers, demonstrating a strong ability to communicate technical concepts with clarity and precision

Minimum Qualifications

• 8+ years of experience in security research/analysis, in the context of malware/abuse detection.
• 3+ years of experience in people management, leading technical analysts, and/or with an engineering team.
• Experience reading assembly and understanding of unpacking obfuscated code
• Excellent stakeholder management & operational skills
• Experience working with tools such as IDA Pro, Ghidra, Burp, Jadx, Frida, and JEB

Preferred Qualifications

• Experience with developing or analyzing Android applications
• Experience with analyzing Malware applications
• Experience in software reverse engineering, code-level security auditing or Android system security
• Experience coding in Python, SQL and Java
• Bachelor's degree in Computer Science or in a related field, or equivalent practical experience

Benefits

• We support you with competitive wages and with comprehensive health care including medical, dental and vision coverage
• We support your family with gender-neutral baby bonding leave, 26 week birth-parent maternity leave, and generous life, accident and disability insurance minimums
• Employees who work onsite can enjoy free meals and snacks, and fun onsite experiences

Key skills/competency

• Reverse Engineering
• Malware Analysis
• Android Security
• Static Analysis
• Dynamic Analysis
• IDA Pro
• Ghidra
• Python
• Threat Intelligence
• Policy Development