Post free Jobs, C2C Hotlists, vendors list and more

Home>GCP Security Engineer SecDevOps Specialist_ NYC, Atlanta, GA

GCP Security Engineer SecDevOps Specialist_ NYC, Atlanta, GA

C2C
  • C2C
  • Anywhere

Job Description:

GCP Security Engineer – SecDevOps/SRE Specialist

Location: NYC, NY & Atlanta, GA (Only Local)
Long term Contract / Hybrid
 

About the Role

We are seeking a GCP Security Engineer with a strong focus on SecDevOps to strengthen and enhance the security posture of our Google Cloud Platform (GCP) environment. In this role, you will collaborate with cross-functional teams, build robust security solutions, and implement practices that integrate security into all stages of the development lifecycle. Your expertise will help protect our cloud-native applications and data while ensuring compliance with industry standards.

Key Responsibilities

  • SecDevOps Implementation: Integrate security into CI/CD pipelines, ensuring automated testing, secure configurations, and vulnerability scans during the development lifecycle.
  • Security Design: Architect secure cloud-native solutions tailored to GCP environments, leveraging services such as Google Kubernetes Engine (GKE), Cloud Run, and BigQuery.
  • Cloud Security Posture Management (CSPM): Establish and maintain tools and frameworks for monitoring, assessing, and enhancing the GCP security posture.
  • IAM and Access Controls: Design and implement Identity and Access Management (IAM) policies and configurations to enforce least-privilege principles across GCP resources.
  • Incident Response and Threat Management: Develop incident response processes and deploy tools to detect, analyze, and respond to threats targeting GCP resources.
  • Compliance and Governance: Ensure compliance with frameworks such as ISO 27001, SOC 2, HIPAA, or others as applicable. Support audits and regulatory requirements.
  • Collaboration: Work closely with DevOps, engineering, and product teams to embed security into infrastructure as code (IaC) solutions using tools like Terraform or Google Deployment Manager.
  • Continuous Improvement: Conduct periodic security reviews and recommend improvements to security controls, processes, and tools.
 

Skills and Qualifications

Must-Have Skills

  • Proven experience securing GCP environments with a focus on services like Cloud Armor, VPC Service Controls, and Security Command Center.
  • Strong understanding of DevSecOps principles and hands-on experience integrating security into CI/CD pipelines (e.g., GitLab CI, Jenkins, or Cloud Build).
  • Expertise in scripting and automation using Python, Bash, or other languages.
  • In-depth knowledge of IAM policies, roles, and service accounts in GCP.
  • Experience with IaC tools like Terraform, Ansible, or Google Deployment Manager.
  • Familiarity with vulnerability management tools (e.g., Prisma Cloud, Qualys, or Tenable).
  • Knowledge of container security (e.g., GKE, Docker, Kubernetes security tools like Aqua or Twistlock).

Nice-to-Have Skills

  • GCP certifications such as Professional Cloud Security Engineer or Professional DevOps Engineer.
  • Familiarity with logging and monitoring tools like Stackdriver, Chronicle, or Splunk.
  • Hands-on experience with API security and protection mechanisms.
  • Background in threat modelling and risk assessments.

Key Attributes

  • Analytical and detail-oriented mindset with a passion for problem-solving.
  • Effective communication and collaboration skills for working across diverse teams.
  • Proactive and adaptable to evolving cloud security challenges.

Vishnu Singh
Email : vishnu@datumtg.com
Phone : 470 451 0404
 


From:
Vishnu,
Datum Tech
vishnu@datumtg.com
Reply to:   vishnu@datumtg.com