Engineering Analyst, Trust and Safety, Chrome Extensions Security

Google
Kirkland, WA, USA

About the job

As a Security and Applied AI Analyst for the Chrome Web Store and Extensions Security team, you will leverage your domain expertise to perform technical investigations, uncover abuse vectors and techniques, and use your combined problem-solving and strategic acumen to improve our protection protocols and evolve them into scalable, AI driven systems. You will collaborate closely with engineering and product partners to identify threats, mitigate risks, and launch new protection mechanisms to help make the Chrome platform ecosystem the safest in the world. You will deploy solutions, both algorithmic and operational which will enable Google to identify and flag abuse more easily, more effectively, and at scale.

Responsibilities

Conduct investigations to catch harmful and abusive behavior and actors, enforce our product policies, learn abuse patterns, and establish ground truth data to train automated systems.

Reverse engineer potentially harmful extensions (written in JavaScript) to understand their operations and impact on the Chrome ecosystem.

Design AI-powered and automated solutions that enable scalable identification of malware, spam, and other harmful extensions.

Collaborate with other teams to develop and deploy new detection methods and signals, train and mentor a large team of security reviewers.

Enhance operational workflows via AI integration, process improvements, and identifying automation opportunities.

Qualifications

Minimum

Bachelor's degree or equivalent practical experience.

2 years of experience in building or reverse engineering JavaScript, PHP, mobile/web applications.

Experience with quantitative and qualitative analysis, using languages like SQL and Python.

Preferred

Master's degree in Computer Science, Information Technology, quantitative or quantitative discipline (e.g., Computer Science, Statistics, Mathematics, Operations Research, etc.).

Experience in cybersecurity principles and practices.

Experience with static and dynamic analysis of malicious binaries.

Knowledge of one or more of the following areas: statistical analysis and machine learning libraries (e.g., R, TensorFlow), programming languages (e.g., Python), Large Language Models (LLMs) or applied AI.

Familiarity with the development lifecycle and security considerations specific to browser extensions or similar technologies.

Excellent problem-solving and critical thinking skills with attention to detail in an ever-changing environment.