Security Platform Engineer, UK Security Operations

Minimum qualifications:

• Bachelor's degree in Computer Science, Information Security, a related field, or equivalent practical experience.
• 5 years of experience in security engineering, DevSecOps, or platform engineering roles.
• Experience with technical troubleshooting and scripting languages such as Python, Go, or Bash.
• Experience with Kubernetes security, including workload isolation, RBAC, and network policies, containerisation, orchestration, and Kubernetes observability tools (e.g., Falco, Prometheus, Grafana).
• Experience with infrastructure-as-code and configuration management tools (e.g., Terraform, Helm, ArgoCD).
• Eligibility to obtain UK Developed Vetting (DV) security clearance; British Citizenship is required for this role.

Preferred qualifications:

• Certifications in Security (e.g., GSEC, CISSP, CISM, OSCP).
• Experience with Kubernetes threat detection and anomaly detection.
• Experience with service mesh security concepts (e.g., Istio, Linkerd) and workload identity.
• Experience in detection engineering, logging pipeline development, or SIEM tuning in containerised environments.
• Experience in contributing to security-focused open-source projects or internal security platform tooling.

About the job

The UK Security Operations (SecOps) team in Google Public Sector delivers, operates and secures private cloud services. We aim to provide the flexibility, reliability, and scalability of public cloud for customers with exceptionally high security requirements that can only be met in a private cloud environment. We deliver and operate these private cloud deployments for the most critical customers, helping scale, secure and maintain the deployment whilst working closely with Google product teams to continually improve our technology.

As a Security Platform Engineer, you will play a critical role in designing, building, and managing cloud-native security platforms with a strong emphasis on Kubernetes-based environments. You'll be at the intersection of security and engineering-developing scalable tooling, automating security controls, and enabling robust detection and response capabilities across our cloud infrastructure. This is an engineering-centric role that requires deep technical expertise in cloud environments, Kubernetes security, and platform automation. You'll work closely with Incident Response Engineers and platform teams to ensure that security is seamlessly integrated into our infrastructure and operational workflows. This role will require participation in a rotating on-call schedule outside of core business hours and over the weekend to ensure security incidents can be swiftly resolved.

Responsibilities

• Deploy, configure, and manage cloud security platform tools and technologies, including Security Information and Event Management (SIEM), Intrusion Detection/Prevention Systems (IDS/IPS), and Cloud Workload Protection Platforms (CWPP).
• Develop and implement security monitoring and logging strategies.
• Investigate and analyse security incidents, including identifying root causes, determining the scope of impact, and taking appropriate containment and remediation actions.
• Perform forensic analysis to identify and investigate suspicious activity.
• Automate security tasks and workflows to improve efficiency and effectiveness.

Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also Google's EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know by completing our Accommodations for Applicants form .