As a Foundational Directives Lead, you will ensure Google's products and technologies comply with the relevant ISO 27000 series and SOC frameworks. You will lead the effort to achieve and maintain compliance with these Foundational Directives, managing the entire program, from planning and readiness to ongoing maintenance and improvement as business and customer needs evolve. You will develop and implement a robust framework that ensures consistent, efficient, and effective compliance practices. This role also involves planning for audit requirements, managing schedules, ensuring timely completion of audits, and communicating clearly with project stakeholders. You will collaborate closely with product teams and the compliance ecosystem, ensuring we are audit-ready and meet the company's objective to leverage assurance as a business enabler and provide competitive advantage.

<p>Check out our career opportunities at goo.gle/3DLEokh</p>

Google

Senior Software Engineering Manager, Infrastructure, Google Cloud Data Management

Web Solutions Engineer, University Graduate, 2025

Security Sales Specialist, Google Public Sector

Data Center Operations Manager, Server Operations (English, Dutch)

Staff Software Engineer, Site Reliability Engineering, Google Cloud

Early Career Software Engineer, Black Community Inclusion

Account Manager, People with Disabilities (English, Portuguese)

Software Engineer, Black Community Inclusion

Software Engineer III, Site Reliability Engineering, Google Cloud

Software Engineer, People with Disabilities

<div jscontroller="iYVHDc" class="DkhPwc" jsname="tIk9qd" data-id="84279952966329030" jsaction="A6AxKc:CXOOvf;"><div class="KwJkGe"><h3>Minimum qualifications:</h3><ul>
<li>Bachelor's degree or equivalent practical experience.<br></li>
<li>7 years of experience in compliance, risk management, investigation, auditing, legal or consulting.<br></li>
</ul><br><h3>Preferred qualifications:</h3><ul>
<li>Experience in implementing ISO 27000 series and SOC programs, including the development of risk assessments.</li>
<li>Experience with testing Information technology general controls (ITGC) Sarbanes Oxley Law (SOX), and security and privacy controls.<br></li>
<li>Knowledge of risk assessment methodologies and audit frameworks.<br></li>
<li>Excellent attention to detail, investigative, and problem-solving skills.<br></li>
</ul></div><div class="aG5W3"><h3>About the job</h3><p>Risk, Compliance and Integrity organization (RCI) brings together critical compliance, assurance, risk and governance functions across Google to help the company meet compliance needs and enable our businesses to innovate. Our goal is to make compliance an advantage for Google by driving scaled, data-driven, and policy-based compliance programs. We manage our operations through risk-based prioritization, governance, and consistent and constructive regulator engagement.</p><p>In the Foundational Directives lead role, you’ll make sure that when Google pursues a product or technology, we do it in compliance with the relevant ISO 27000 series and SOC frameworks. In this role, you will lead our efforts in achieving and maintaining compliance with these Foundational Directives, managing the entire compliance program, from planning and readiness to ongoing maintenance and improvement as the business and customers’ needs evolve. You’ll develop and implement a robust framework that ensures consistent, efficient, and effective compliance practices.</p><p>In this role, you’ll also plan for audit requirements, manage schedules, ensure timely completion of audits, and communicate clearly with project stakeholders. You’ll collaborate closely with product teams and our compliance ecosystem, ensuring we are audit-ready and meet the company’s objective to leverage assurance as a business enabler and provide competitive advantage.</p>The US base salary range for this full-time position is $126,000-$187,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.<div><br></div><div>Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more about .<p><b></b></p></div></div><div class="BDNOWe"><h3>Responsibilities</h3><ul>
<li>Develop and implement a comprehensive Foundational Directives program (ISO 27000 series and SOC 1/2/3), including guidelines and a robust risk assessment framework to identify, assess, and mitigate potential risks.<br></li><li>Streamline and standardize Foundational Directives compliance processes across the organization, leveraging technology and automation where possible. Create a roadmap for achieving and maintaining compliance with Foundational Directives.<br></li><li>Provide training and awareness programs to educate Googlers on Foundational Directives’ compliance requirements and their roles in maintaining compliance.<br></li><li>Participate in the planning, readiness and audit execution phases, including scoping, risk assessment, preparation of documentation, the control re-validation, and support of audit programs performed by external auditors.<br></li><li>Manage, coordinate, and facilitate processes to address auditor’s inquiries, activities and requests effectively and timely.</li>
</ul></div></div>

Foundational Directives Lead, Certifications and Attestations