Security Engineer, Google Distributed Cloud Air-gapped Compliance

Google Google · Big Tech · Sunnyvale, CA +3

Security Engineer for Google Distributed Cloud air-gapped, focusing on compliance with Public Sector, Defense Industry, Critical National Infrastructure, and Financial Sector customer requirements. Responsibilities include establishing governance frameworks aligned with NIST SP 800-53-FedRAMP and other standards, conducting risk assessments, leading engineering projects for compliance, and advising on secure implementation options. Requires experience with global compliance frameworks and coding.

What you'd actually do

  1. Review and provide inputs about requirements across relevant regulatory frameworks and technical standards and determine their applicability to GDC air-gapped.
  2. Conduct implementation reviews and report on their findings.
  3. Conduct risk assessments, identify opportunities for compliance process improvements, and lead engineering projects to implement solutions for monitoring, audit tooling, reporting, alerting, and evidence generation/collection.
  4. Oversee engineering projects from a technical compliance perspective, collaborate with engineering teams on security and compliance improvements, and advise on compliant and secure implementation options during design reviews.
  5. Participate in compliance meetings, contribute subject matter expertise for decision-making and certification audits, support security assessments, develop an understanding of various compliance regimes (commercial, U.S. government, foreign governments, ISO), and assist with incident and vulnerability response.

Skills

Required

  • security assessments
  • security design reviews
  • threat modeling
  • coding
  • technical risk analysis
  • global compliance frameworks
  • FedRamp High
  • ISO 27001
  • NIST 800-53
  • AU-ISM

Nice to have

  • customer-facing and strategic capacity

What the JD emphasized

  • compliance requirements
  • governance frameworks
  • continuous compliance
  • security protocols
  • security regulations
  • compliance controls
  • certification audits
  • global compliance frameworks
  • accreditation