Principal Security Architect, UK Security Operations

• Bachelor's degree in Computer Science, Cybersecurity, a related technical field, or equivalent practical experience.
• 8 years of experience in a customer-facing advisory role designing multi-cloud environments (e.g., IaaS, PaaS, and SaaS).
• Experience in defining secure architectural patterns and integrating security practices across the software development lifecycle (DevSecOps).
• Experience automating security controls and processes, including Infrastructure as Code (IaC) tools.
• Experience in critical security domains (e.g., network security, identity security, data security, application security).
• Previous or currently active UK Developed Vetting (DV) security clearance.

• Certifications in CISSP, CCSP, or relevant cloud-specific security credentials.
• Experience leading comprehensive threat modeling exercises and conducting detailed risk assessments for customer systems to identify security vulnerabilities.
• Experience in securing modern cloud-native architectures, including containerisation technologies (e.g., Kubernetes, Docker) and serverless computing.
• Experience in evaluating the integration of a range of security tools, such as SIEM, WAF, DLP, and CSPM.
• Understanding of security concerns associated with Generative AI and suitable mitigation strategies.
• Ability to articulate security concepts and recommendations to both technical and non-technical executive stakeholders.

The UK Security Operations (SecOps) team in Google Public Sector delivers, operates and secures private cloud services. We aim to provide the flexibility, reliability, and scalability of public cloud for customers with exceptionally high security requirements that can only be met in a private cloud environment. We deliver and operate these private cloud deployments for the most critical customers, helping scale, secure and maintain the deployment whilst working closely with Google product teams to continually improve our technology. This Principal Security Architect role is pivotal in supporting and guiding Google's public sector customers by acting as their executive, trusted security advisor.

As a Principal Security Architect, you will directly advise customers at all levels, from C‑suite to engineering, on security best practices, risk management, and compliance. You will be a key advisor and a primary point of contact for customer security strategy, translating technical concepts into clear, actionable recommendations. You will focus on building trusted relationships, fostering customer confidence, and ensuring their long‑term success and security on our cloud services.

In this role, you will be responsible for collaborating with and guiding customers on the development and implementation of comprehensive security architectures on Google's cloud platforms. This involves defining secure patterns, standards, and best practices that ensure their infrastructure, applications, and data are resilient against evolving threats. You will provide architectural leadership for customer initiatives, conducting thorough security reviews of customer designs, and identifying opportunities to improve their security posture.

• Act as the primary trusted security advisor for key public sector customers, providing consultation on security architecture, risk management, and compliance.
• Build and maintain collaborative relationships with customer stakeholders (from technical teams to C‑level), understanding their unique security needs and effectively communicating Google's security capabilities and best practices.
• Lead the design and review of secure solutions for customers on cloud platforms, ensuring secure configurations and demonstrating compliance pathways. Foster a security‑aware culture within customer organisations, advocating security‑by‑design principles.
• Guide customers on security best practices, including embedding security into their CI/CD pipelines (DevSecOps) and adopting security automation.
• Guide customers in identifying, assessing, and mitigating cloud security risks specific to their environments and workloads. Translate security standards and regulations into practical, achievable implementation plans for customer architectures.

Information collected and processed as part of your Google Careers profile, and any job applications you choose to submit, is subject to Google's Applicant and Candidate Privacy Policy.

Google is proud to be an equal opportunity and affirmative action employer. We are committed to building a workforce that is representative of the users we serve, creating a culture of belonging, and providing an equal employment opportunity regardless of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), expecting or parents‑to‑be, criminal histories consistent with legal requirements, or any other basis protected by law. See also Google's EEO Policy , Know your rights: workplace discrimination is illegal , Belonging at Google , and How we hire .

If you have a need that requires accommodation, please let us know by completing our Accommodations for Applicants form.

Google is a global company and, in order to facilitate efficient collaboration and communication globally, English proficiency is a requirement for all roles unless stated otherwise in the job posting.

To all recruitment agencies: Google does not accept agency resumes. Please do not forward resumes to our jobs alias, Google employees, or any other organization location. Google is not responsible for any fees related to unsolicited resumes.