Live chat
Google, Inc.

Program Manager, Security and Compliance, Google Payments

Google, Inc. - Boulder, CO

Program Manager, Security and Compliance, Google Payments




Note: By applying to this position your application is automatically submitted to the following locations: Mountain View, CA, USA; San Francisco, CA, USA; Boulder, CO, USA

Google's projects, like our users, span the globe and require managers to keep the big picture in focus. As a Program Manager at Google, you lead complex, multi-disciplinary projects. You plan requirements with internal customers and usher projects through the entire project lifecycle. This includes managing project schedules, identifying risks and clearly communicating goals to project stakeholders. Your projects often span offices, time zones and hemispheres, and it's your job to keep all the players coordinated on the project's progress and deadlines.

As a Security & Compliance Program Manager, you will be a key player in information security, problem solving and relationship management to lead internal programs aimed at: identifying and mitigating security risks in our connection to vendors and partners; ensuring contractual security compliance with partners and customers; and driving design changes to increase the security and robustness of our integrations with credit-card networks, banks and other financial services companies.

The Google Product Infrastructure (GPI) team at Google is responsible for building infrastructure that powers Google's flagship products across the globe. We provide the cohesive set of shared Google technologies - such as identity, payments, notifications, and accounts - that work consistently across our platforms and enable Google's product teams to continue creating excellent products for billions of people seamlessly.


Lead vendor security efforts aimed at identifying security holes in our integration with external parties, and collaborate with other security teams at Google in the remediation of those deficiencies.

Conduct risk assessments of 3rd party vendors and partners to ensure services and/or integrations meet Google security and privacy standards and minimize security risks to Google.

Drive contract reviews in collaboration with the Business Development and Legal teams to define and negotiate suitable security and data-protection clauses in all agreements and contracts.

Serve as the primary point of contact for customer and partner questions related to compliance.

Work with business development and legal teams to ensure customer contractual security requirements are aligned with Google policy and ensure delivery of contractual security obligations.


Minimum qualifications:

BA/BS degree or equivalent practical experience.

Experience with regulatory or compliance requirements including: PCI DSS, SSAE16/18 SOC1 and SOC2, GLBA, FFIEC, ISO27K, Privacy Shield, GDPR, etc.

Risk management experience and experience working with risk frameworks (NIST 800-30, OCTAVE, ISO31K, etc.).

Experience with 3rd party risk management frameworks (e.g., VSA, SIG, VRMMM, AUP, etc.).

Preferred qualifications:

5 years of regulatory or compliance expertise for any of the following: PCI DSS as an ISA or QSA, SSAE16/18 SOC1 and SOC2, GLBA, FFIEC, ISO27K, Privacy Shield, GDPR.

3 years of risk management experience and experience working with risk frameworks (NIST 800-30, OCTAVE, ISO31K, etc.).

3 years of experience working with business/contractual law and contractual security compliance for customer engagements.

3 years of experience working with 3rd party risk measurement, monitoring, management and response.

At Google, we don’t just accept difference - we celebrate it, we support it, and we thrive on it for the benefit of our employees, our products and our community. Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you have a disability or special need that requires accommodation, please let us know.

To all recruitment agencies:

Google does not accept agency resumes. Please do not forward resumes to our jobs alias, Google employees or any other company location. Google is not responsible for any fees related to unsolicited resumes.

190 days 11 hours ago

Google, Inc.


Program Manager, Security and Compliance, Google Payments Google, Inc. - Boulder, CO, United States


Location: Boulder, CO

Company Profile:
Google Inc., a technology company, builds products and provides services to organize the information. The company offers Google Search, which provides information online; Knowledge Graph that allows to search for things, people, or places, as well as builds systems that recognize speech and understand natural language; Google Now, which provides information to users when they need it; and Product Listing Ads that offer product image, price, and merchant information. It also provides AdWords, an auction-based advertising program; AdSense, which enables Websites that are part of the Google Network to deliver ads; Google Display, a display advertising network; DoubleClick Ad Exchange, a marketplace for the trading display ad space; and YouTube that offers video, interactive, and other ad formats. In addition, the company offers Android, an open source mobile software platform; hardware products, including Chromebook, Chrome, Chromecast, and Nexus devices; Google+ to share things online with people; Google Play, a cloud-based digital entertainment store for apps, music, books, and movies; Google Drive, a place for users to create, share, collaborate, and keep their stuff; and Google Wallet, a virtual wallet for in-store contactless payments. Further, it provides Google Apps, which include Gmail, Calendar, and Google Sites that are built for people to work anywhere, anytime, on any device without loss of security or control; Google Maps Application Programming Interface; and Google Earth Enterprise, a software solution for imagery and data visualization. Additionally, the company offers Google App Engine, a platform as a service offering; Google Cloud Storage; Google BigQuery for real time analytics; Google Cloud SQL for structured query language; and Google Compute Engine, an infrastructure as a service platform. It also offers mobile wireless devices, and related products and services. Google Inc. was founded in 1998 and is headquartered in Mountain View, California.