Privacy Associate Auditor, Internal Audit

Internal Audit‘s mission is to focus on reducing risk across Alphabet. Monitoring the risk environment across Alphabet and providing insights to enable effective risk management, we do this. We work closely with teams and leadership to achieve a control environment that enhances and protects organizational value. For staffing and developing our team to be control experts who deliver objective and reliable results, we serve as one of the company’s various lines of defense.

In this role, you will advise the business and engineering groups to identify areas of risk and make valuable recommendations on controls. Including product launches and system implementations, you will have the opportunity to influence change and decisions for business initiatives. You enjoy working in a dynamic environment, are passionate about technology and are able to focus on key issues and the details that come with it. You will lead the end-to-end audit process for Alphabet’s privacy and data governance sectors. Identifying risk profiles and designing scalable testing programs to evaluate the effectiveness of key privacy controls, you will collaborate with Legal, Engineering, and Privacy teams.

The US base salary range for this full-time position is $101,000-$144,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.

Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more about benefits at Google.

Responsibilities

• Work with Privacy and data governance teams to understand the privacy risk profile and use this knowledge for audit planning and execution.
• Design and execute audit programs and procedures to scalably test and provide in-depth analysis on the design and operating effectiveness of key privacy controls that mitigate risks to Alphabet, Google, and its users.
• Analyze audit results, draw meaningful conclusions, and provide practical, risk-based, data-driven, and actionable recommendations for improvement.
• Prepare detailed audit reports summarizing scope, procedures, findings, and recommendations.
• Manage relationships with stakeholders relevant to areas of domain expertise (e.g., Privacy, Engineering, Legal) and leverage them to gain meaningful risk insights to influence the Audit Risk Universe, engagement, and service offering prioritization.

Minimum qualifications:

• Bachelor's degree or equivalent practical experience.
• 2 years of experience in internal audit, risk or compliance roles.
• Experience designing, implementing or testing internal controls and reviewing business processes in conjunction with underlying systems.
• Experience developing audit programs, reporting on audit findings or making recommendations for risk mitigation.
• Experience in privacy concepts (e.g., anonymization, consent, data portability, notification, and deletion).

Preferred qualifications:

• Maintain CIPP, CISSP, CISA, or other related privacy or audit certifications.
• Experience performing risk assessments, designing or implementing internal controls, and auditing platforms, hardware, and devices, content moderation, online advertising, cloud technologies, content licensing, e-commerce, privacy, security, AI, or regulatory compliance.
• Familiarity with basic structures and principles of object-oriented programming and understanding of coding in Python, Java, C++ or comparable language, evaluating for risk and design.
• Ability to navigate ambiguity, manage multiple project assignments in a deadline-driven environment, and take ownership of the process to deliver on commitments.
• Proficiency in relational database analysis (e.g., SQL).