Security and Compliance Specialist

Location: London, UK

Job Level: Mid

Experience driving progress, solving problems, and mentoring junior team members; deeper expertise and applied knowledge within relevant area.

Apply

• Bachelor's degree in Cybersecurity, Computer Science, Risk Management, Auditing, a related field, or equivalent practical experience.
• 8 years of experience in a technical project management or a customer-facing role.
• 4 years of experience in Cybersecurity, Cybersecurity Risk Management, Compliance, or a related role.
• Experience in a security role working within Government, Public Sector or within Industry that is responsible for working with government assets.
• Eligibility and willingness to undergo Security Check (SC) security clearance, and ability to maintain it. Willingness to undergo Developed Vetting (DV) if required.
• Must be a British citizen to meet compliance and security clearance requirements.

• Experience with NIST 800-53, NIST CSF, NIST 800-37, ISO27001, JSP440, NCSC Cloud Security Principles, GovS007.
• Experience translating regulatory requirements into operational and technical control objectives.
• Knowledge and understanding about Cloud Security, Incident Response.
• Ability to drive programs across business and engineering teams with collaboration and leadership.
• Ability to manage ambiguity and to learn new skill sets.
• Current and active UK Security Check (SC) Security Clearance.

As a Security and Compliance Specialist, you will support the security and digital transformation of governments, critical infrastructure, enterprises, and small business. The Google Cloud CISO team is the integrated risk, security, compliance and privacy team for cloud. This role will sit within the GCPS-UK security team, supporting enterprise compliance, internal audit and business continuity. You will also be working with UK public sector customers on assurance and standards, providing knowledge and experience in UK government security and compliance. You will join a team with technical and security knowledge, operational expertise in enterprises, and risk management skills. You will help transform organizations in critical industries including health, energy, telecoms and the public sector, protect themselves and their customers.

Google Cloud accelerates every organization’s ability to digitally transform its business and industry. We deliver enterprise-grade solutions that leverage Google’s cutting-edge technology, and tools that help developers build more sustainably. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.

• Partner closely with public sector customer security, Governance, Risk and Compliance (GRC) functions to help them navigate the journey to Google Distributed Cloud (GDC)-air gapped usage and address any concerns.
• Manage, coordinate, and facilitate enterprise security and compliance programs to ensure that Google Cloud Public Sector UK (GCPS-UK) meets regulatory and agreement requirements and that compliance risks are managed.
• Work with business area leads and external accreditors to ensure that adequate security measures are in place. Facilitate external and internal audits, compliance activities and security testing.
• Contribute to the identification of cloud related security and compliance design/development/deployment friction points from customers’ perspectives and collaborate across functional and product areas to resolve them.
• Partner with public sector customer security, risk and compliance functions to help them navigate the journey to cloud.

Google is proud to be an equal opportunity and affirmative action employer. We are committed to building a workforce that is representative of the users we serve, creating a culture of belonging, and providing an equal employment opportunity regardless of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), expecting or parents-to-be, criminal histories consistent with legal requirements, or any other basis protected by law. See also Google's EEO Policy, Know your rights: workplace discrimination is illegal, Belonging at Google, and How we hire.

Google is a global company and, in order to facilitate efficient collaboration and communication globally, English proficiency is a requirement for all roles unless stated otherwise in the job posting.

To all recruitment agencies: Google does not accept agency resumes. Please do not forward resumes to our jobs alias, Google employees, or any other organization location. Google is not responsible for any fees related to unsolicited resumes.