Job Title: Cloud Support Security Engineer (GCP)
Role Summary:
The Cloud Security Engineer (GCP) is responsible for designing, implementing, and maintaining robust security measures within Google Cloud Platform environments. Leveraging 5 years of experience, this role involves securing cloud infrastructure, implementing security controls, and ensuring compliance with industry best practices and regulatory requirements. This engineer will play a pivotal role in protecting sensitive data and infrastructure through proactive security measures and advanced threat mitigation strategies.
Key Responsibilities:
- Security Architecture and Implementation:
- Design and implement secure cloud architectures on GCP, adhering to security best practices and industry standards
- Configure and manage GCP security services, including Cloud IAM, Security Command Center, VPC Service Controls, and Cloud Armor
- Implement and manage security controls for compute, storage, and networking resources in GCP
- Develop and implement security policies, standards, and procedures for GCP environments
- Vulnerability Management and Threat Mitigation:
- Conduct regular vulnerability assessments and penetration testing of GCP environments
- Analyze security logs and alerts to identify potential threats and security incidents
- Develop and implement strategies to mitigate security risks and vulnerabilities
- Contribute to the development and improvement of security monitoring and logging solutions
- Automation and Orchestration:
- Automate security tasks and processes to improve efficiency and reduce manual effort
- Implement Infrastructure as Code (IaC) for security configurations using tools like Terraform
- Develop and maintain security automation scripts and tools
- Compliance and Auditing:
- Ensure compliance with relevant security standards and regulations (e.g., CIS, NIST, SOC 2, GDPR) within GCP environments
- Participate in security audits and assessments, providing necessary documentation and evidence
- Maintain up-to-date knowledge of security best practices and emerging threats
- Collaboration and Communication:
- Collaborate with development and operations teams to integrate security into the software development lifecycle (SDLC)
- Provide clear and concise communication to stakeholders regarding security risks, recommendations, and best practices
- Create and maintain security documentation, including policies, procedures, and architectural diagrams
Requirements
Required Skills and Qualifications:
- 5+ years of experience in cloud security, with a strong focus on Google Cloud Platform
- Deep understanding of GCP security services and best practices
- Experiance on Cloud IAM and Cloud Armor is a MUST
- Proficiency in scripting languages (e.g., Python, Bash) and automation tools (e.g., Terraform)
- Experience with security monitoring and logging tools (e.g., Cloud Logging, Security Command Center)
- Knowledge of security compliance frameworks and standards
- Excellent problem-solving, analytical, and communication skills
- Bachelor's degree in Computer Science, Information Security, or a related field
- Google Cloud Security Certifications are highly valued
