Minimum qualifications:
- Bachelor's degree or equivalent practical experience.
- 2 years of experience in Internal Audit, Risk, or Compliance roles.
- Experience supporting technical audits that utilize programming and SQL.
- Experience designing, implementing, or testing internal controls and reviewing business processes in conjunction with underlying systems.
- Experience developing audit programs, reporting on audit findings, or making recommendations for risk mitigation.
Preferred qualifications:
- CISSP, CCSP, PMP, CRISC, CISA, or other related certifications.
- Experience testing controls to determine compliance with NIST, FedRAMP, ISO 27000 series, PCI-DSS, SOC 2, CCM or other security frameworks.
- Experience with relational databases (e.g., SQL).
- Experience performing risk assessments, designing, or implementing internal controls, and auditing platforms, hardware, and devices, content moderation, online advertising, cloud technologies, content licensing, e-commerce, privacy, security, AI, or regulatory compliance.
- Knowledge of structures/principles of object-oriented programming (e.g., Python, Java, C++, etc.) to evaluate risk and design.
- Ability to navigate ambiguity, manage multiple projects in a changing environment, while accepting ownership/accountability.
The Internal Audit team's mission is to focus on reducing risk across Alphabet by monitoring the risk environment and providing insights to enable risk management. The team works with leadership/other teams to achieve a stable environment that enhances and protects organizational value.
In this role, you will advise the business and engineering groups to identify areas of risk and make valuable recommendations on controls. You will have the opportunity to influence change and decisions for business initiatives including product launches and system implementations.The US base salary range for this full-time position is $101,000-$144,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.
Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more about
benefits at Google.
- Work and build relationships with Security and Safety teams to understand the information security risk profile of a function, service, or product area for audit planning and execution.
- Design and execute audit programs and procedures to test and provide analysis on the design and operating effectiveness of key security controls that mitigate risks.
- Analyze audit results, draw conclusions, and provide practical, risk-based, data-driven recommendations for improvement.
- Prepare detailed audit reports summarizing scope, procedures, findings, and recommendations.
- Manage relationships with stakeholders and leverage to gain meaningful risk insights to influence the audit risk universe and engagement and service offering prioritization.
