Job description
At Google, we don't just build technology; we protect the digital ecosystem that powers the world. We are seeking a highly skilled Security Analyst, Threat Intelligence Operations to join our elite cybersecurity team in Singapore. In this mission-critical role, you will be at the forefront of defending Alphabet’s global infrastructure against sophisticated cyber threats.
You will play a pivotal role in proactive threat hunting, deep-dive analysis, and the development of actionable intelligence that informs our defense strategies. If you are passionate about dissecting complex attack vectors, collaborating with global cross-functional teams, and staying ahead of the global threat landscape, this is your opportunity to make a tangible impact at the scale that only Google can offer.
We foster a culture of curiosity and resilience. You will work with industry-leading tools and massive datasets to identify emerging risks before they impact our users. Join us in our commitment to keeping the internet safe, secure, and accessible for everyone.
Responsibilities
- Monitor and analyze global threat intelligence feeds to identify emerging vulnerabilities and attack trends.
- Execute proactive threat hunting missions to detect and mitigate malicious activity within Google’s network infrastructure.
- Produce high-quality technical intelligence reports for executive leadership and internal security stakeholders.
- Collaborate with Incident Response teams during high-stakes security investigations to minimize business impact.
- Develop and automate threat detection signatures, dashboards, and automated alert workflows.
- Conduct deep-dive forensic analysis on suspicious traffic patterns and malware samples.
- Maintain strong cross-functional relationships with global security operations centers (SOC) and engineering teams.
Qualifications
- Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or equivalent practical experience.
- 3+ years of experience in Threat Intelligence, Security Operations (SOC), or Incident Response.
- Proficiency in security analysis tools such as SIEM platforms, EDR, and network traffic analysis tools (e.g., Wireshark, Zeek).
- Strong understanding of the MITRE ATT&CK framework, TTPs, and advanced persistent threat (APT) methodologies.
- Proven ability to script and automate security tasks using Python, Go, or similar languages.
- Exceptional analytical and problem-solving skills with the ability to communicate complex technical concepts effectively.
- Experience in cloud security architectures and large-scale data environments is highly preferred.