Google Creates an Internal Security Team
To make the apps in Playstore more secure, Google is forming an internal group named Android Security team, which will be working to find vulnerabilities in third-party Android apps in Google Playstore. The assessment starts with highly sensitive apps like COVID-19 tracing or election-related apps. As per the newly posted job listing in Google Careers, the company is hiring a Security Engineering Manager to lead the newly formed team. The positions are open for two areas – Kirkland in Washington and Mountain View in California. The head of this position is supposed to have fine leadership abilities and communication skills. Also, Google is asking the people who’re applying for this to have a bachelor’s degree in computer science or some related practical experience. Further, they should be having 5 years of experience in managing a team of security engineering professionals and 5 years of experience in Android code-level security auditing. The duty of this Security Engineering Manager will be “leading a team that investigates and solves problems in vulnerability analysis.” The Android Security team will be performing security assessments of highly sensitive, third party Android apps on Google Play. This may clash with the Google Play Security Reward Program (GPSRP), where independent researchers or bug hunters report their security findings to Google in exchange for a reward. The company takes in the report (only for eligible apps) and inform the developer to fix them.