Head of Cyber Security, Google Cloud Public Sector
As a part of Google Cloud Public Sector UK, you will empower the UK public sector to build a digital-first future. You will bridge the gap between innovation and public service, bringing Google Cloud’s technology to the mission-critical problems of the UK government.
Security is paramount for the problems we work on and the customers we work with. In this executive security leadership role, you will be driving the delivery of key security programmes for customers, ensuring our cloud services mitigate threats and enable the customers to take full advantage of the opportunities Google Cloud’s technologies offer to transform services and mission-critical workloads.
You will influence both the most executive security leaders in customers and their most technical representatives, through thought leadership, whiteboard sessions, developing whitepapers, speaking at events, and solving their technical problems. You will engage with internal engineering teams to drive product enhancements that help meet our customer needs for security, and will partner with the UK-based operations teams who build and scale sovereign cloud.
You will have extensive experience of working in UK public sector security in a complex organisation that has implemented highly secure infrastructure and application platforms through cloud-related innovation in highly regulated, high threat environments. You will have a detailed understanding of one or more of the following aspects of cloud security: security architecture, security operations, security engineering, governance risk and compliance.
Security is paramount for the problems we work on and the customers we work with. In this executive security leadership role, you will be driving the delivery of key security programmes for customers, ensuring our cloud services mitigate threats and enable the customers to take full advantage of the opportunities Google Cloud’s technologies offer to transform services and mission-critical workloads.
You will influence both the most executive security leaders in customers and their most technical representatives, through thought leadership, whiteboard sessions, developing whitepapers, speaking at events, and solving their technical problems. You will engage with internal engineering teams to drive product enhancements that help meet our customer needs for security, and will partner with the UK-based operations teams who build and scale sovereign cloud.
You will have extensive experience of working in UK public sector security in a complex organisation that has implemented highly secure infrastructure and application platforms through cloud-related innovation in highly regulated, high threat environments. You will have a detailed understanding of one or more of the following aspects of cloud security: security architecture, security operations, security engineering, governance risk and compliance.
Minimum qualifications:
- Bachelor's degree or equivalent practical experience.
- 10 years of experience in a technical cyber security role.
- 5 years of experience in a technical leadership role and in a customer-facing role.
- 5 years of experience in UK public sector and in particular in applying UK government security standards, risk management processes or working in a regulated security environment.
- Must possess an active Security Check (SC) UK security clearance, and the ability to obtain Developed Vetting (DV) UK security clearance.
Preferred qualifications:
- Master's degree in cyber security, computer science, risk management, auditing, or a related field.
- Experience in undertaking security architecture reviews, identifying (and remediating) security vulnerabilities in products or systems.
- Experience in delivering security change programs or embedding new security practices and technologies in engineering teams.
- Experience with a wide range of information security standards and certifications, understanding their application as well as their relative strengths and weaknesses (ISO 27000 family, NIST CSF, SOC reports, PCI DSS etc.).