info_outline
X In accordance with Washington state law, we are highlighting our comprehensive benefits package, which is available to all eligible US based employees. Benefits for this role include:
- Health, dental, vision, life, disability insurance
- Retirement Benefits: 401(k) with company match
- Paid Time Off: 20 days of vacation per year, accruing at a rate of 6.15 hours per pay period for the first five years of employment
- Sick Time: 40 hours/year (increased to 69 hours/year for Seattle) including 5 discretionary sick days per instance
- Maternity Leave (Short-Term Disability Baby Bonding): 28-30 weeks
- Baby Bonding Leave: 18 weeks
- Holidays: 13 paid days per year
Note: By applying to this position you will have an opportunity to share your preferred working location from the following:
Sunnyvale, CA, USA; Kirkland, WA, USA; Seattle, WA, USA.
Minimum qualifications: - Bachelor's degree or equivalent practical experience.
- 8 years of experience with security assessments or security design reviews or threat modeling.
- 8 years of coding experience in one or more general purpose languages.
- 3 years of experience leading teams in a technical capacity or leading technical risk analysis in an enterprise environment.
- Experience with global compliance frameworks and accreditation (e.g., FedRamp High, ISO 27001, NIST 800-53, AU-ISM, etc.).
Preferred qualifications: - Experience leveraging strong technical skills in a customer-facing and strategic capacity.
About the jobOur Security team works to create and maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively monitor our systems for attacks and intrusions. In this role, you will also work with software engineers to proactively identify and fix security flaws and vulnerabilities.
In this role, you will ensure Google Distributed Cloud air-gapped (GDCag) meets compliance requirements for Public Sector, Defense Industry, Critical National Infrastructure, and Financial Sector customers by establishing governance frameworks aligned with NIST SP 800-53-FedRAMP and other standards for continuous compliance. You will leverage integrated cloud services, machine learning technologies, and Kubernetes API-based ecosystems with flexible hardware options. You will require specialized knowledge of GDC air-gapped security protocols, architecture, security regulations, compliance controls, system-level designs, and certification audits across commercial, U.S. government, foreign governments, and ISO standards, with the ability to craft narratives communicating these concepts effectively.
Individual pay is determined by factors including job-related skills, experience, and relevant education or training.
US: $207000 - $301000 (USD) 20% bonus target equity benefits
Learn more about benefits at Google .
Responsibilities - Review and provide inputs about requirements across relevant regulatory frameworks and technical standards and determine their applicability to GDC air-gapped.
- Conduct implementation reviews and report on their findings.
- Conduct risk assessments, identify opportunities for compliance process improvements, and lead engineering projects to implement solutions for monitoring, audit tooling, reporting, alerting, and evidence generation/collection.
- Oversee engineering projects from a technical compliance perspective, collaborate with engineering teams on security and compliance improvements, and advise on compliant and secure implementation options during design reviews.
- Participate in compliance meetings, contribute subject matter expertise for decision-making and certification audits, support security assessments, develop an understanding of various compliance regimes (commercial, U.S. government, foreign governments, ISO), and assist with incident and vulnerability response.