Cyber Security Auditor, Internal Audit
Google · Chicago, IL | Sunnyvale, CA
mid
Security Analyst
ic
· Posted Jul 8, 2026
$124,000 – $178,000
USD per year
Skills
About this role
Google is hiring a mid-level Security Analyst based in Chicago, IL | Sunnyvale, CA. The posting calls out experience with Python, Java, SQL, Security. Compensation is listed at $124,000–$178,000 per year.
- Role
- Security Analyst
- Function
- security
- Level
- mid
- Track
- Individual contributor
- Employment
- Full-time
- Location
- Chicago, IL | Sunnyvale, CA
- Posted
- Jul 8, 2026
AI Summary
Mid-level Security Analyst on the Internal Audit team designs and executes audit programs to test security controls across Alphabet/Google products and services. Must have experience with risk assessments, internal controls, security frameworks (NIST, FedRAMP, ISO 27000, PCI-DSS, SOC 2), and coding proficiency. Requires ability to manage multiple projects in fast-paced environment while advising business and engineering teams on cybersecurity risks.
Job description
from Google careersAs a part of the Internal Audit team, your mission is to focus on reducing risk across the Alphabet. You will do this by monitoring the risk environment across the Alphabet and providing insights to enable effective risk management, work closely with teams and leadership to achieve a strong control environment that enhances and protects organizational value. You will serve as one of the company’s various lines of defense for staffing and developing our team to be control experts who deliver objective and reliable results. As a member of the team, you will advise the business and engineering groups to identify areas of cyber-security risk and make valuable recommendations on controls. You will have the opportunity to influence change and decisions for business initiatives including product launches and system implementations. You will enjoy working in a dynamic environment, passionate about technology and are able to focus on key issues and the details that come with it.
You will execute audit programs and procedures for key security controls that mitigate risk to Alphabet/Google and its Users.
US: $124000 - $178000 (USD) + 15% bonus target + equity + benefits
Learn more about benefits at Google.
You will execute audit programs and procedures for key security controls that mitigate risk to Alphabet/Google and its Users.
Individual pay is determined by factors including job-related skills, experience, and relevant education or training.
US: $124000 - $178000 (USD) + 15% bonus target + equity + benefits
Learn more about benefits at Google.
Responsibilities
- Build close working relationships with Security and Safety teams to understand the information security risk profile of a function, service, or product area and apply this knowledge to audit planning and execution.
- Design and execute audit programs and procedures to test and provide in-depth analysis on the design and operating effectiveness of key security controls that mitigate risks to Alphabet/Google and its Users at scale.
- Analyze audit results to draw meaningful conclusions and provide practical, risk-based, data-driven, and actionable recommendations for improvement.
- Prepare detailed audit reports summarizing scope, procedures, findings, and recommendations.
- Manage relationships with stakeholders relevant to areas of domain expertise (ex. Core, Security, Engineering) and leverage to gain meaningful risk insights to influence the Audit Risk Universe and engagement and service offering prioritization.
Minimum qualifications:
- Bachelor’s degree in Business, Accounting, Finance or equivalent practical experience.
- 4 years of experience in internal audit, risk or compliance roles.
- Experience working with relational database analysis (e.g., SQL).
- Experience supporting technical audits that utilize programming and SQL.
Preferred qualifications:
- Maintains CISSP, CCSP, PMP, CRISC, CISA, or other related security certifications.
- Experience testing controls to determine compliance with NIST, FedRAMP, ISO 27000 series, PCI-DSS, SOC 2, CCM or other security frameworks.
- Experience performing risk assessments, designing or implementing internal controls, auditing platforms, hardware, and devices, content moderation, online advertising, cloud technologies, content licensing, e-commerce, privacy, security, AI, or regulatory compliance.
- Understanding of coding in Python, Java, C++ or comparable language, evaluating for risk and design.
- Ability to navigate ambiguity, manage, coordinate multiple projects simultaneously in fast-paced, deadline-driven environment, accepting ownership and accountability of the process and delivering commitments.
More roles at Google
Lead, Regulatory Compliance Operations and Creator Policy Experience
San Bruno, CA · senior
Security Express
Technical Program Manager, Security
Singapore · mid
GCP Security Machine Learning
Product Manager, Google Partner Innovation
Singapore · mid
Machine Learning AI Agents
Senior Software Engineer, Site Reliability Engineering, Cloud Storage
Dublin, Ireland · senior
Distributed Systems GCP System Design
Senior Network Automation Engineer, Network Infrastructure and Capacity
Atlanta, GA | Thornton, CO · senior
Python GCP pandas
All Google jobs →