Cloud Security Architect, UK Security Operations

Minimum qualifications:

• Bachelor's degree or equivalent experience.
• Industry-recognized security certifications such as CISSP, CCSP, or relevant cloud-specific security credentials.
• 5 years of experience in designing and securing multi-cloud environments, including IaaS, PaaS, and SaaS.
• Experience with IaC tools and automating security controls and processes.
• The role requires the applicant to hold and maintain Developed Vetting (DV) UK Security Clearance.

Preferred qualifications:

• Experience leading comprehensive threat modeling exercises and conducting detailed risk assessments to identify and prioritize security vulnerabilities across the platform.
• Experience securing modern cloud-native architectures, including containerization technologies (e.g., Kubernetes, Docker) and serverless computing.
• Demonstrated ability to define secure architectural patterns and integrate security practices across the entire software development lifecycle (DevSecOps).
• Demonstrated ability to articulate complex security concepts to technical and non-technical stakeholders, fostering a collaborative security culture.
• Proficiency in evaluating, integrating, and optimizing a wide range of security tools and technologies, such as SIEM, WAF, DLP, and CSPM solutions.

About the job

This role is pivotal for proactively securing our platform and applications for Google's public sector customers, moving beyond reactive measures to embed security by design. You'll be responsible for developing and implementing comprehensive security architectures across cloud environments and software solutions. This involves defining secure patterns, standards, and best practices that ensure our infrastructure, applications, and data are resilient against evolving threats. You'll provide architectural leadership for new initiatives, conducting thorough security reviews, and identifying strategic improvements to existing systems. Your work will focus on automating security controls, integrating security into the full development lifecycle (DevSecOps), and ensuring holistic platform compliance with relevant industry standards and regulations.

Google Public Sector brings the magic of Google to the mission of government and education with solutions purpose-built for enterprises. We focus on helping United States public sector institutions accelerate their digital transformations, and we continue to make significant investments and grow our team to meet the complex needs of local, state and federal government and educational institutions.

Responsibilities

• Architect and implement robust security solutions for cloud platforms, ensuring secure configurations and compliance.
• Drive security automation and integrate security practices into CI/CD pipelines (DevSecOps).
• Identify, assess, and mitigate cloud security risks, and support incident response.
• Maintain adherence to security standards and conduct regular cloud security audits.
• Provide expert guidance on cloud security best practices and foster a security-aware culture.