Senior DevSecOps Engineer, National Security, Public Sector
- Health, dental, vision, life, disability insurance
- Retirement Benefits: 401(k) with company match
- Paid Time Off: 20 days of vacation per year, accruing at a rate of 6.15 hours per pay period for the first five years of employment
- Sick Time: 40 hours/year (increased to 69 hours/year for Seattle) including 5 discretionary sick days per instance
- Maternity Leave (Short-Term Disability + Baby Bonding): 28-30 weeks
- Baby Bonding Leave: 18 weeks
- Holidays: 13 paid days per year
In-office locations: Washington D.C., DC, USA; Fort Meade, MD, USA.
Remote location(s): Maryland, USA.
Minimum qualifications:
- Bachelor's degree or equivalent practical experience.
- 5 years of experience with Python, Go, or Bash for system automation, middleware creation, and tool integration.
- 5 years of experience in a DevOps or DevSecOps role, including automation and pipeline security.
- 5 years of experience managing containerized environments, orchestration tools (Kubernetes), and infrastructure-as-code (IaC) tools like Terraform or Ansible.
- Ability to travel up to 25% of the time to engage with customers.
- Must possess an active Top Secret/SCI security clearance with current polygraph.
Preferred qualifications:
- Experience with securing AI/ML deployment frameworks (e.g., vLLM, Triton) and auditing underlying short/long-term storage systems like vector databases.
- Experience implementing automated open source intelligence (OSINT) collection systems to transform threat disclosures into actionable signatures or incident response (IR) playbooks.
- Experience deploying advanced container runtime isolation technologies (e.g., gVisor, Kata Containers) and designing strict pod egress network policies.
- Knowledge of supply chain security tools, automated secret governance, and configuring continuous security gates at the pull-request level.
- Familiarity with AI-specific risk frameworks, notably MITRE ATLAS and the Open Worldwide Application Security Project (OWASP) for LLMs.
About the job
Our Security team works to create and maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively monitor our systems for attacks and intrusions. In this role, you will also work with software engineers to proactively identify and fix security flaws and vulnerabilities.
As a Senior Development, Security, and Operations (DevSecOps) Engineer, you will bridge the gap between offensive AI security research (Red Team) and defensive platform engineering (Blue Team). You will serve as the core architect of our automated purple-teaming pipeline. You will design the automation that continuously emulates threats, validates guardrails, and deploys real-time containerized and network defenses. The ideal candidate views manual validation as a bug to be fixed and has interest in securing large language models, runtime isolation configurations, and automated detection workflows.
Google Public Sector brings the magic of Google to the mission of government and education with solutions purpose-built for enterprises. We focus on helping United States public sector institutions accelerate their digital transformations, and we continue to make significant investments and grow our team to meet the complex needs of local, state and federal government and educational institutions.
Individual pay is determined by factors including job-related skills, experience, and relevant education or training.
US: $174000 - $253000 (USD) + 15% bonus target + bonus + equity + benefits
Learn more about benefits at Google.
Responsibilities
- Establish security baselines for agent construction, engineering strict privilege boundaries and data flow mapping between agents, vector databases, and external systems to prevent data leakage and indirect prompt injections.
- Integrate automated red-team testing workflows (prompt injection, jailbreaking, privilege escalation) directly into deployment pipelines for continuous compliance with MITRE ATLAS, OWASP, and STRIDE.
- Deploy robust container isolation and strict network egress filtering to restrict runtime access, minimizing the exploit blast radius within high-compute GPU/TPU environments.
- Integrate automated security tools, image scanning, and software bill of materials (SBOM) generation into pipelines, leveraging enterprise software for secure secrets management across model artifacts.
- Build and maintain automated code scanners for deep data flow analysis and fuzzing to catch vulnerabilities while minimizing false positives.
Information collected and processed as part of your Google Careers profile, and any job applications you choose to submit, is subject to Google's Applicant and Candidate Privacy Policy.
Google is proud to be an equal opportunity and affirmative action employer. We are committed to building a workforce that is representative of the users we serve, creating a culture of belonging, and providing an equal employment opportunity regardless of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), expecting or parents-to-be, criminal histories consistent with legal requirements, or any other basis protected by law. See also Google's EEO Policy, Know your rights: workplace discrimination is illegal, Belonging at Google, and How we hire.
If you have a need that requires accommodation, please let us know by completing our Accommodations for Applicants form.
Google is a global company and, in order to facilitate efficient collaboration and communication globally, English proficiency is a requirement for all roles unless stated otherwise in the job posting.
To all recruitment agencies: Google does not accept agency resumes. Please do not forward resumes to our jobs alias, Google employees, or any other organization location. Google is not responsible for any fees related to unsolicited resumes.
Equity is granted exclusively and discretionarily by Alphabet Inc. on the basis of an agreement concluded between you and Alphabet Inc. Alphabet Inc. is your sole contractual partner with respect to equity grants. GSU grants are not guaranteed, are discretionary, are subject to approval by the Alphabet Inc. board of directors or its delegate, the terms of the relevant Alphabet Inc. stock plan, and your grant agreement. They have no impact on statutory payments. Current or past grants do not confer an acquired right.