[Remote] Associate Security Analyst, Agentic Security Operations

Note: The job is a remote job and is open to candidates in USA. Google is a leader in technology and innovation, and they are seeking an Associate Security Analyst for their Agentic Security Operations team. In this role, you will leverage generative AI and AI-infused tools to enhance security defense workflows and conduct in-depth investigations of security incidents.

Responsibilities

• Analyze real-time security events across endpoint, network, and cloud environments, integrate AI-infused alert summarization platforms to rapidly categorize and prioritize high-severity alerts
• Leverage generative AI security assistants (such as Google Security Operations Gemini) to translate natural language threat hypotheses into advanced detection queries (YARA-L), accelerating threat hunting and triage
• Conduct host and network forensic analysis to support incident response efforts, applying AI analytics to correlate disparate signals, understand attacker activity, and assess customer impact
• Execute basic static and dynamic analysis of suspicious files, utilize AI-driven code explainers and de-obfuscation models to identify malicious capabilities rapidly (e.g., identifying GOOTLOADER JavaScript or CORNFLAKE.V3 backdoors)
• Isolate compromised hosts and stop lateral movement or ransomware propagation using both manual controls and AI-driven automated response playbooks

Skills

• Bachelor's degree in Computer Science, a related technical field (e.g. Cyber Security, Information Technology) or equivalent practical experience
• Experience utilizing generative AI security assistants, security copilots, or AI-infused query builders to search Security Information and Event Management (SIEM) telemetry, summarize incidents, or accelerate analysis workflows
• Experience with Endpoint Detection and Response (EDR) tools (such as Crowdstrike Falcon or SentinelOne Singularity, specifically utilizing AI or heuristic modules), Network Detection and Response (NDR) and Next-Generation Firewall (NGFW) tools (such as Corelight, Palo Alto, Vectra, or Trellix NX), or SIEM platforms (such as Google Security Operations, Splunk, or QRadar)
• 4 years of experience in a SOC environment, a specialized Information Security role
• Experience leading investigations/participating in response operations for high-severity events
• Proficiency with AI prompting techniques (prompt engineering) tailored for cyber security use cases, such as extracting indicators of compromise (IOCs) from unstructured threat reports or automating the generation of YARA-L/Sigma rules
• Proficiency in scripting with experience connecting to AI model APIs to parse data, automate repetitive tasks, or build tools
• Understanding of the risks associated with using Generative AI in security contexts, including data privacy/leakage concerns, model hallucination management, and prompt injection concepts

Benefits

• 15% bonus target
• Bonus
• Equity
• Benefits

Company Overview