| Opening for GCP Security engineer or GCP devSecops in Remote at Remote, Remote, USA |
| Email: [email protected] |
|
Hi, I Hope you are doing well, a brief version of the job description is attached below, if you are interested revert to my mail with your updated resume Role: Sr. GCP Security engineer (devSecops) location: Remote Duration: 6+ C2H Rate: $65 to 70/hr on C2C Need only GC and USC and h4 ead and GC ead NO H1b or Cpt and opt and h1t visas Job Description: We are looking for an experienced Senior GCP Security Engineer (DevSecOps) to lead and drive security initiatives across our cloud environment. This senior-level role will focus on integrating security into the entire development and operational lifecycle, bridging the gap between Security Analysts, Architects, Developers, and Platform Engineers. The ideal candidate is a subject matter expert in GCP security, with a strong foundation in DevOps practices, and can implement cutting-edge security solutions across cloud infrastructure. You will play a key role in ensuring our GCP environment is secure, scalable, and compliant with industry standards Key Responsibilities : Security Leadership : Lead security design and architecture reviews for GCP environments, ensuring security is embedded at all layers of the infrastructure. o Define and implement security standards for GCP infrastructure, including network segmentation, firewall rules, and secure configurations for compute, storage, and database services. o Conduct threat modeling exercises to identify potential security risks and develop mitigation strategies. o Establish and maintain security baselines for GCP resources Strategic Collaboration : Partner with security architects, developers, and platform engineers to implement security best practices across DevSecOps pipelines and cloud infrastructure. o Work closely with development teams to integrate security testing into the software development lifecycle (SDLC). o Collaborate with operations teams to implement security monitoring and incident response processes. o Provide guidance to architects and engineers on secure cloud design patterns and best practices. Advanced Cloud Security: Develop and enhance security controls in GCP, including identity and access management (IAM), encryption strategies, and cloud security posture management (CSPM). DevSecOps Advocacy : Champion the integration of security automation tools (SAST, DAST, IaC scanning) into CI/CD pipelines, ensuring proactive identification and remediation of vulnerabilities. Security Automation: Build and maintain automated security tooling for cloud infrastructure, using Infrastructure as Code (IaC) technologies like Terraform or CloudFormation to streamline security operations. Incident Response & Threat Hunting : Collaborate with security operations and incident response teams during investigations and implement remediations for security incidents in GCP. o Develop and implement security incident response plans for GCP environments . o Proactively hunt for threats and vulnerabilities in GCP using threat intelligence and security analytics platforms. Compliance & Risk Management: Ensure adherence to security frameworks (SOC 2, ISO 27001, NIST, etc.) and assist with cloud governance, risk, and compliance initiatives. o Conduct security assessments and audits to ensure compliance with relevant regulations and industry standards (e.g., SOC 2, ISO 27001, PCI DSS, FERPA, GDPR, CCPA). o Develop and maintain a risk register for GCP environments, identifying and prioritizing security risks. Monitoring & Threat Detection : Partner with Infosec on implementation and managing security monitoring, logging, and alerting mechanisms across GCP, leveraging native services and third-party tools for continuous security visibility. Continuous Security Improvement: Lead eXorts to continuously evaluate and improve platform security practices in response to emerging threats, evolving technologies, and industry trends. o Stay abreast of emerging security threats, vulnerabilities, and best practices in the cloud security domain. o Research and evaluate new security technologies and tools to enhance the security posture of GCP environments. o Contribute to the development of security policies and standards for the organization. Required Skills & Qualifications : Experience: 7+ years of experience in cloud security engineering, with at least 3 years focused on GCP. 3+ years experience with Terraform. Certifications : GCP Professional Cloud Security Engineer certification is required. Additional certifications such as GCP Professional Cloud Architect, Certified Kubernetes Security Specialist (CNCF), or CISSP are highly preferred. DevSecOps Expertise: Strong experience with integrating security within CI/CD pipelines using tools like Jenkins, GitLab, CircleCI, or similar. Cloud Security Mastery: Deep expertise in GCP services such as IAM, KMS, VPC, Cloud Security Command Center, and security best practices for GCP-native services. Automation & IaC: Proficiency with Infrastructure as Code tools (Terraform, CloudFormation) and cloud security automation. Programming & Scripting: Advanced proficiency in languages like Python, Bash, or similar for automating security tasks and orchestrating security processes. Security Tools & Frameworks: Hands-on experience with security tools like SAST, DAST, vulnerability scanning, and container security. Familiarity with frameworks such as OWASP, NIST, and CIS. Soft Skills : Excellent communication and leadership skills, with the ability to work across technical and non-technical teams to implement security strategies. Preferred Qualifications: Expertise with containerization and orchestration technologies (Docker, Kubernetes), including security measures for microservices and containerized applications. Experience in Zero Trust security models and GCP implementation strategies. Knowledge of security compliance frameworks (SOC 2, HIPAA, PCI-DSS) and GCP compliance services -- Keywords: continuous integration continuous deployment information technology green card Opening for GCP Security engineer or GCP devSecops in Remote [email protected] |
| [email protected] View All |
| 07:47 PM 10-Oct-24 |