**S** **e** **c** **u** **r** **i** **t** **y** **E** **n** **g** **i** **n** **e** **e** **r** **,** **T** **a** **p** **e** **s** **t** **r** **y** Software Engineering Mountain View, CA (HQ) **About X:** X is Alphabet’s moonshot factory with a mission of inventing and launching “moonshot” technologies that could someday make the world a radically better place. We are a diverse group of inventors and entrepreneurs who build and launch technologies that aim to improve the lives of millions, even billions, of people. Our goal: 10x impact on the world’s most intractable problems, not just 10% improvement. We approach projects that have the aspiration and riskiness of research with the speed and ambition of a startup. As an innovation engine, X focuses on repeatedly turning breakthrough-technology ideas into the foundations for large, sustainable businesses. **About the role:** As a security engineer, you will be responsible for designing, implementing and managing robust security solutions across our infrastructure and data pipelines. You will be a critical voice in shaping our security architecture, ensuring compliance with stringent power grid/energy industry regulations, meeting or exceeding Alphabet’s security posture, and staying ahead of emerging threats to protect our most valuable assets. As a part of a dynamic, cross-functional team, you will be responsible for a wide range of security priorities, deadlines and deliverables covering identification, detection, protection, response, recovery, and governance. This includes building threat models and conducting technical security assessments and code reviews to identify and mitigate vulnerabilities. You will identify gaps in Tapestry’s security architecture and implement solutions to address those gaps. You will oversee third-party penetration testing engagements, ensuring they are appropriately scoped, completed on time, and fully documented to meet Tapestry's business needs. You will coordinate with X’s, Alphabet’s, and Tapestry partners’ security teams to bring Tapestry’s security risks within acceptable tolerances. **How you will make 10x impact:** + Build and maintain threat models across Tapestry's products, systems and services and communicate key risks to stakeholders across the organization including executive audiences + Define security requirements, and establish security best practices for engineering teams to follow + Maintain up-to-date knowledge of and ensure compliance with evolving cybersecurity and data privacy regulations within the energy and power grid industry globally + Identify, implement and adopt changes to tools or processes that meaningfully improve the operational and security efficiency for Tapestry + Operate and maintain security systems such as GCP Security Command Center and GitHub Advanced Security, analyze and respond to threats, or execute information security procedures. Manage security incidents and drive mitigation/remediation efforts in collaboration with cross-functional teams **What you should have:** + Bachelor's degree in Computer Science, Information Security or a related field. A master’s degree in Computer Science or related field is a plus + 4-6 years of relevant work experience in security, especially in regulated industries such as Energy, Healthcare, Payments or Enterprise SaaS. + Hands on experience securing production environments and in-depth knowledge of security best practices and threat modeling on GCP + Ability to read, assess and propose security improvements for code in Terraform (HCL), Kotlin, Go and Python + Strong analytical and problem-solving skills with the ability to identify root causes and develop effective solutions + Ability to work as a part of a highly cross-functional and dynamic team with rapidly changing requirements and limited oversight **It'd be great if you had these:** + Experience working in a Startup/early stage company with rapidly changing requirements and limited oversight. + Familiarity with security frameworks and regulations used within the power systems and energy related industries, e.g., CEII, NERC CIP, NIST Cybersecurity framework, ISO 27001, SOC2 etc. + Familiarity with evolving security threat models and considerations with AI/ML platforms and applications + Working knowledge or background in power systems, though not required, would be a plus + Relevant security certifications (e.g., CISSP, CCSP, GIAC certifications) + Experience building security/compliance automation and tools The US base salary range for this full-time position is $161,000 - $194,000 + bonuses + equity + benefits. Our salary ranges are determined by role, level, and location. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your location during the hiring process. Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, or benefits. **An Equal Opportunity Workplace** At X, we don't just accept difference - we celebrate it, we support it, and we thrive on it for the benefit of our employees, our products and our community. We are proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you have a disability or special need that requires accommodation, please contact us at x-accommodation-request@x.team .