
Mid
Secure the open source software supply chain on Google's GOSST team
Software engineer on the Google Open Source Security Team (GOSST) in Singapore, building tools to assess and improve the security posture of open source software, find vulnerabilities, and secure open source build/release pipelines. Entry bar is 2 years of software development experience (Go, Python, C/C++, Java, or Rust), with security/open-source and AI-assisted development experience preferred.
Step into this interview
Free · a live voice mock calibrated to this exact role
Likely format
Google SWE loop: phone screen(s) with coding, followed by onsite rounds covering coding, system/security design, and Googleyness/leadership behavioral interviews.
What this interview tests
- Finding and triaging vulnerabilities in open source software
- Building tools for supply-chain security (build/release integrity, vulnerability scanning)
- Secure software development practices and advocacy
- AI-assisted development with critical review of AI output
- Engaging external open source maintainers/community
Common question themes
Describe a security vulnerability you found and how you assessed its impact
Design a tool to assess or improve the security posture of an open source project
How do you review AI-generated code for security issues
Tell me about working with an external open source community or maintainer
Coding question in one of Go/Python/C/C++/Java/Rust with a security angle
Related interviews

Senior
Software Engineer, Serverless Networking, Infrastructure

Staff
Staff Software Engineer, Mobile (Android), YouTube

Associate
Software Engineer

Cloudflare
Mid
Vulnerability Management Engineer

Amazon
Senior
Sr. Software Development Engineer, Amazon Optics

Cloudflare
Mid