Job
Description
Job Overview We are seeking a skilled and proactive Cloud Security Engineer to design, implement, and manage security measures for cloud-based systems with a primary focus on Google Cloud Platform (GCP). In this role, you will be responsible for developing security policies, guiding teams through cloud migrations, and ensuring the integrity and availability of critical systems and data. You will work closely with cross-functional teams to integrate security into DevOps processes, automate infrastructure management through Infrastructure as Code (IaC), and oversee the security of Kubernetes-orchestrated environments. The ideal candidate will have strong DevSecOps expertise, hands-on experience with cloud infrastructure, and a deep understanding of both static and dynamic application security testing tools. Additional experience with backup and recovery processes, security incident management, and scripting for automation will be highly valued. Relevant certifications in cloud security and Kubernetes will be considered a strong plus. Key Responsibilities: Design and Implement Cloud Security Measures: Develop and enforce security policies and procedures for cloud-based systems, ensuring compliance with industry standards and best practices. Educate and Transition Security Frameworks: Guide teams in migrating existing on-premises security frameworks, such as Rubric, to cloud environments, ensuring seamless integration and functionality. Manage Secure Backup and Restore Processes: Oversee and enhance secure backup and restoration procedures for cloud-based data and applications. Infrastructure as Code Development: Utilize Terraform to automate the provisioning and management of cloud infrastructure, ensuring scalability and reliability. CI/CD Pipeline Integration: Collaborate with development teams to integrate security measures within Continuous Integration/Continuous Deployment pipelines. Complex Workload Restoration: Develop and implement strategies for restoring complex workloads in cloud environments, ensuring minimal downtime and data integrity. Advanced Cloud Services Management: Leverage advanced cloud services to optimize cloud resources' performance, security, and cost-efficiency. Kubernetes Security Oversight: Manage and secure containerized applications orchestrated through Kubernetes, ensuring adherence to security best practices. Qualifications: Educational Background: Bachelor's degree in Computer Science, Information Technology, or a related field. Professional Experience: Minimum of 3 years in cloud security engineering, focusing on GCP environments. Technical Proficiency: Strong DevOps experience in GCP cloud with experience in DevSecops and related tools, Understanding of application vulnerability and exposure to sast/dast tools. scripting (python, java) and software development experience Strong cloud infrastructure & DevOps hands-on experience in GCP. DevSecOps is Mandatory DevSecOps pipeline tools: Jenkins, Travis CI, and GitLab CI/CD are the leading-edge tools that seamlessly enable automated testing and security checks at various stages of the software development pipeline. Static application security testing (SAST) tools: Examples include Checkmarx, Fortify, and Veracode, which automatically scan the source code for vulnerabilities. Dynamic application security testing (DAST) tools: Tools like OWASP ZAP and Burp Suite are used to test running applications for security issues. Container Security Tools : Docker Security Scanning and Clair are tools for assessing container images for vulnerabilities. Infrastructure as Code (IaC) Security Scanning Tools: Tools like Terraform and AWS Config provide automated security checks for infrastructure deployment. Nice to have: Hands on experience in infrastructure (systems/backups/storage/vmware/db/networking) is a plus Exposure to security incident mgmt and vulnerability mgmt with an eye for scripting/automation is required. Certifications: Relevant certifications such as Google Professional Cloud Security Engineer, Certified Kubernetes Security Specialist (CKS), or similar are preferred. About TechBlocks TechBlocks is a global digital product engineering company with 16+ years of experience helping Fortune 500 enterprises and high-growth brands accelerate innovation, modernize technology, and drive digital transformation. From cloud solutions and data engineering to experience design and platform modernization, we help businesses solve complex challenges and unlock new growth opportunities. At TechBlocks, we believe technology is only as powerful as the people behind it. We foster a culture of collaboration, creativity, and continuous learning, where big ideas turn into real impact. Whether you're building seamless digital experiences, optimizing enterprise platforms, or tackling complex integrations, you'll be part of a dynamic, fast-moving team that values innovation and ownership.
