GCP Cloud Security Engineer

Primary Responsibilities:

• Develop, test, and deploy Public Cloud Controls across multi-cloud environments, with a primary focus on Google Cloud Platform (GCP).
  
• Provide security recommendations and solutions for cloud-native and migrated applications across major cloud providers (GCP, AWS, Azure).
  
• Act as a subject matter expert for cloud security tools, DevOps practices, and secure cloud architecture across all major cloud platforms.
  
• Implement and manage security controls specific to GCP, including organizational policies, VPC Service Controls, IAM policies, and API security.
  
• Collaborate with cross-functional teams and vendors to design, deploy, and validate cloud security services.
  
• Monitor and respond to security posture changes and configuration drifts in the cloud environment; coordinate remediation efforts with relevant stakeholders.
  
• Integrate, configure, and document compliant cloud infrastructure and supporting services.
  
• Troubleshoot and analyze root causes of security issues or bugs introduced by security solutions; drive fixes or mitigations.
  
• Work closely with internal risk management, security architecture, and incident response teams to ensure cloud services are compliant with required security controls.
  
• Participate in a globally distributed team environment to design and implement scalable, secure cloud solutions.
  

Required Skills:

• 5+ years of experience in software engineering and/or cloud platform engineering, with a strong focus on Google Cloud Platform.
  
• Deep understanding of the Shared Responsibility Model and associated cloud security risks.
  
• Hands-on experience developing security controls across the cloud security lifecycle (prevent, detect, respond, remediate).
  
• Experience configuring native security features on GCP, such as Org Policies, VPC SC, IAM, and API controls.
  
• Proficiency with event-driven and serverless security solutions across cloud providers (e.g., Google Cloud Functions, AWS Lambda, Azure Functions, Automation Runbooks).
  
• Strong background in DevOps processes and secure software development lifecycle (Secure SDLC).
  
• Proficiency with Infrastructure as Code (IaC) tools, particularly Terraform.
  
• Familiarity with logging, monitoring, and data pipeline architectures in cloud environments.
  
• Strong scripting skills (Python, PowerShell, Bash, or Go).
  
• Ability to produce high-quality technical documentation, including architectural designs and runbooks.
  
• Experience building and securing CI/CD pipelines.
  
• Hands-on experience with GitHub Actions, Jenkins, or similar CI/CD tools.
  
• Familiarity with IT Service Management (ITSM) practices and tools.
  
• Strong interpersonal and communication skills, with the ability to explain complex technical issues to non-technical stakeholders.
  
• Experience with risk control frameworks and interfacing with risk or regulatory teams.
  
• Experience in regulated industries such as finance is a plus.
  
• Knowledge of Policy-as-Code concepts and platforms (e.g., Rego/OPA) is a plus.
  
• Cloud security certifications (e.g., GCP Professional Cloud Security Engineer, AWS Security Specialty, Azure Security Engineer) are a plus.