Note: The job is a remote job and is open to candidates in USA. Google is a leader in technology and innovation, and they are seeking a Senior DevSecOps Engineer for their National Security Public Sector team. In this role, you will focus on creating a secure operating environment, bridging offensive and defensive security practices, and automating security processes to protect sensitive data and systems.
Responsibilities
- Establish security baselines for agent construction, engineering strict privilege boundaries and data flow mapping between agents, vector databases, and external systems to prevent data leakage and indirect prompt injections
- Integrate automated red-team testing workflows (prompt injection, jailbreaking, privilege escalation) directly into deployment pipelines for continuous compliance with MITRE ATLAS, OWASP, and STRIDE
- Deploy robust container isolation and strict network egress filtering to restrict runtime access, minimizing the exploit blast radius within high-compute GPU/TPU environments
- Integrate automated security tools, image scanning, and software bill of materials (SBOM) generation into pipelines, leveraging enterprise software for secure secrets management across model artifacts
- Build and maintain automated code scanners for deep data flow analysis and fuzzing to catch vulnerabilities while minimizing false positives
Skills
- Bachelor's degree or equivalent practical experience
- 5 years of experience with Python, Go, or Bash for system automation, middleware creation, and tool integration
- 5 years of experience in a DevOps or DevSecOps role, including automation and pipeline security
- 5 years of experience managing containerized environments, orchestration tools (Kubernetes), and infrastructure-as-code (IaC) tools like Terraform or Ansible
- Ability to travel up to 25% of the time to engage with customers
- Must possess an active Top Secret/SCI security clearance with current polygraph
- Experience with securing AI/ML deployment frameworks (e.g., vLLM, Triton) and auditing underlying short/long-term storage systems like vector databases
- Experience implementing automated open source intelligence (OSINT) collection systems to transform threat disclosures into actionable signatures or incident response (IR) playbooks
- Experience deploying advanced container runtime isolation technologies (e.g., gVisor, Kata Containers) and designing strict pod egress network policies
- Knowledge in supply chain security tools, automated secret governance, and configuring continuous security gates at the pull-request level
- Familiarity with AI-specific risk frameworks, notably MITRE ATLAS and the open worldwide application security project (OWASP) for LLMs
Benefits
- Health, dental, vision, life, disability insurance
- Retirement Benefits: 401(k) with company match
- Paid Time Off: 20 days of vacation per year, accruing at a rate of 6.15 hours per pay period for the first five years of employment
- Sick Time: 40 hours/year (increased to 69 hours/year for Seattle) including 5 discretionary sick days per instance
- Maternity Leave (Short-Term Disability + Baby Bonding): 28-30 weeks
- Baby Bonding Leave: 18 weeks
- Holidays: 13 paid days per year
- 15% bonus target
- Equity
- Benefits
Company Overview