Security Engineer, GDC Airgapped Compliance
- linkCopy link
- emailEmail a friend
Minimum qualifications:
- Bachelor's degree or equivalent practical experience.
- 5 years of coding experience in one or more general purpose languages.
- 5 years of experience with applications security, cryptography, network security, systems security or malware analysis.
- Experience with compliance and accreditation process.
- Experience with cloud technologies and enterprise compute environment with virtualization and cloud hosting.
Preferred qualifications:
- Master's degree or equivalent practical experience.
- Experience with audits including standards, implementation, and technology, with experience managing, configuring and supporting a large engineering project.
- Familiarity with relevant attestation audits.
- Excellent problem-solving abilities, with a sense of ownership, urgency and drive.
About the job
Our Security team works to create and maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively monitor our systems for attacks and intrusions. In this role, you will also work with software engineers to proactively identify and fix security flaws and vulnerabilities.
Google Distributed Cloud air-gapped (GDCag) to meet the compliance regimes under which the Public Sector, Defense Industry, Critical National Infrastructure, Financial Sector and other customers operate, including but not limited to standard frameworks, and establish a governance framework to ensure the continuous compliance of all customers.
Google Distributed Cloud as a product, enables public sector organizations and regulated enterprises to address strict data residency and security requirements, delivering innovation to their users. GDC's air-gapped solution does not require connectivity to Google Cloud or the public internet to manage the infrastructure, services, APIs, or tooling, and is built to remain disconnected in perpetuity. It is designed to support strict requirements in alignment with NIST SP 800-53-FedRAMP high security controls.
In this role, you will have specialized knowledge of GDC air-gapped security protocols and architecture, security regulations, security technologies, compliance controls, system-level designs, special soft skills (careful crafting of narratives), certification audits and security assessments, compliance requirements across many different compliance regimes: commercial, U.S. government, foreign governments, ISO etc.
Responsibilities
- Analyze and interpret regulatory frameworks (including Governments, ISO, and commercial standards) to determine applicability and ensure technical alignment for GDC-ag.
- Lead the end-to-end development of compliance engineering projects, including the automation of audit evidence collection, monitoring solutions, and reporting tools.
- Conduct technical design reviews, risk assessments, and implementation audits to advise engineering teams on secure and compliant architecture options.
- Provide subject matter expertise during certification audits, security assessments, and cross-functional meetings to bridge the gap between compliance requirements and engineering execution.
- Collaborate with security and product teams to support incident and vulnerability response efforts, driving continuous improvements in the overall security posture.
Information collected and processed as part of your Google Careers profile, and any job applications you choose to submit is subject to Google's Applicant and Candidate Privacy Policy.
Google is proud to be an equal opportunity and affirmative action employer. We are committed to building a workforce that is representative of the users we serve, creating a culture of belonging, and providing an equal employment opportunity regardless of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), expecting or parents-to-be, criminal histories consistent with legal requirements, or any other basis protected by law. See also Google's EEO Policy, Know your rights: workplace discrimination is illegal, Belonging at Google, and How we hire.
If you have a need that requires accommodation, please let us know by completing our Accommodations for Applicants form.
Google is a global company and, in order to facilitate efficient collaboration and communication globally, English proficiency is a requirement for all roles unless stated otherwise in the job posting.
To all recruitment agencies: Google does not accept agency resumes. Please do not forward resumes to our jobs alias, Google employees, or any other organization location. Google is not responsible for any fees related to unsolicited resumes.