Proactive Security Lead, UK Security Operations
- linkCopy link
- emailEmail a friend
Minimum qualifications:
- Bachelor's degree or equivalent practical experience.
- 5 years of experience in cybersecurity, with an offensive security (e.g., Red Teaming, Penetration Testing, or Adversary Simulation) or threat modeling.
- Experience in a Security Operations Centre (SOC) or similar environment, with modern threat landscapes and attack techniques.
- Experience in technical troubleshooting and writing code in one or more programming languages.
- Experience in threat modeling methodologies (e.g., STRIDE, PASTA, or attack trees) and secure system design principles.
- United Kingdom Security Vetting Developed Vetting (DV) clearance.
Preferred qualifications:
- Certifications in OSCE3, CRTP/CRTE, GIAC GCSA/Kubernetes-related, OSCP, OSCE, CRTO, CISSP, or GIAC (e.g., GPEN, GCTI, GWAPT).
- Experience designing or executing Purple Team exercises, combining offensive tactics with defensive feedback to drive continuous improvement.
- Experience with Kubernetes security, including secure cluster configuration, workload hardening, and threat detection in containerised environments.
- Experience in building or maturing security culture initiatives, including awareness programs, gamified training, or executive engagement.
- Experience with security testing tools and frameworks (e.g., MITRE ATT&CK, Cobalt Strike, Metasploit, Burp Suite, or similar).
About the job
The UK Security Operations (SecOps) team in Google Public Sector delivers, operates and secures private cloud services. We aim to provide the flexibility, reliability, and scalability of public cloud for customers with exceptionally high security requirements that can only be met in a private cloud environment. We deliver and operate these private cloud deployments for the most critical customers, helping scale, secure and maintain the deployment whilst working closely with Google product teams to continually improve our technology.
As the Proactive Security Lead, you will drive key proactive security initiatives within the Security Operations Centre (SOC). You will lead Red and Purple Team exercises across the platform, translating findings into actionable recommendations for stakeholders to strengthen security posture. Additionally, you will facilitate comprehensive threat modeling sessions to identify potential vulnerabilities and support the development of effective mitigation strategies. Beyond technical leadership, you will robust security culture across Google Public Sector UK, promoting best practices and awareness at all levels.
Google Public Sector brings the magic of Google to the mission of government and education with solutions purpose-built for enterprises. We focus on helping United States public sector institutions accelerate their digital transformations, and we continue to make significant investments and grow our team to meet the complex needs of local, state and federal government and educational institutions.Responsibilities
- Lead Red and Purple Team exercises across the platform, identifying weaknesses and translating findings into actionable improvements.
- Drive proactive security programs within the Security Operations Centre (SOC) to enhance overall security posture.
- Facilitate comprehensive threat modeling sessions, identifying potential vulnerabilities and supporting mitigation strategy development.
- Translate technical security findings into actionable recommendations for relevant stakeholders across the organisation.
- Advocate a strong security culture across Google Public Sector UK, promoting security awareness and best practices.
Information collected and processed as part of your Google Careers profile, and any job applications you choose to submit is subject to Google's Applicant and Candidate Privacy Policy.
Google is proud to be an equal opportunity and affirmative action employer. We are committed to building a workforce that is representative of the users we serve, creating a culture of belonging, and providing an equal employment opportunity regardless of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), expecting or parents-to-be, criminal histories consistent with legal requirements, or any other basis protected by law. See also Google's EEO Policy, Know your rights: workplace discrimination is illegal, Belonging at Google, and How we hire.
If you have a need that requires accommodation, please let us know by completing our Accommodations for Applicants form.
Google is a global company and, in order to facilitate efficient collaboration and communication globally, English proficiency is a requirement for all roles unless stated otherwise in the job posting.
To all recruitment agencies: Google does not accept agency resumes. Please do not forward resumes to our jobs alias, Google employees, or any other organization location. Google is not responsible for any fees related to unsolicited resumes.