"Alerted.org

Minimum qualifications:

+ Bachelor's degree or equivalent practical experience.

+ 4 years of experience in Internal Audit, Risk, or Compliance roles with a focus on Cybersecurity.

+ Experience designing, implementing, or testing internal controls and reviewing business processes in conjunction with underlying systems.

+ Experience developing audit programs, reporting on audit findings, or making recommendations for risk mitigation.

Preferred qualifications:

+ CISSP, CCSP, PMP, CRISC, CISA, or related certifications.

+ Experience with relational databases (e.g., SQL).

+ Experience with structures/principles of object-oriented programming, using Python, Java, C++ or comparable language to evaluate for risk and design.

+ Experience testing controls to determine compliance with NIST, FedRAMP, ISO 27000 series, PCI-DSS, SOC 2, CCM or other frameworks.

+ Experience performing risk assessments, designing, or implementing internal controls, and auditing platforms, hardware, and devices, content moderation, online advertising, cloud technologies, content licensing, e-commerce, privacy, security, AI, or regulatory compliance.

+ Ability to navigate ambiguity, and manage/coordinate multiple projects simultaneously in a fast-paced, deadline-driven environment.

The Internal Audit team's mission is to focus on reducing risk across Alphabet by monitoring the risk environment and providing insights to enable risk management. The team works with leadership/teams to achieve a control environment that enhances and protects organizational value. As a member of the team, you’ll advise the business and engineering groups to identify areas of risk and make valuable recommendations on controls. You’ll have the opportunity to influence change and decisions for business initiatives including product launches and system implementations.

The US base salary range for this full-time position is $122,000-$174,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.

Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more about benefits at Google (https://careers.google.com/benefits/) .

+ Work and build relationships with Security and Safety teams to understand the information security risk profile of a function, service, or product area for audit planning and execution.

+ Design and execute audit programs and procedures to test and provide analysis on the design and operating effectiveness of key security controls that mitigate risks.

+ Analyze audit results, draw conclusions, and provide practical, risk-based, data-driven recommendations for improvement.

+ Prepare detailed audit reports summarizing scope, procedures, findings, and recommendations.

+ Manage relationships with stakeholders and leverage to gain meaningful risk insights to influence the Audit Risk Universe and engagement and service offering prioritization.

Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also https://careers.google.com/eeo/ and https://careers.google.com/jobs/dist/legal/OFCCP_EEO_Post.pdf If you have a need that requires accommodation, please let us know by completing our Accommodations for Applicants form: https://goo.gl/forms/aBt6Pu71i1kzpLHe2.