| GCP Security Engineer SecDevOps Specialist_ NYC, Atlanta, GA at NYC, New York, USA |
| Email: [email protected] |
| From: Vishnu, Datum Tech [email protected] Reply to: [email protected] Job Description: GCP Security Engineer SecDevOps/SRE Specialist Location: NYC, NY & Atlanta, GA (Only Local) Long term Contract / Hybrid About the Role We are seeking a GCP Security Engineer with a strong focus on SecDevOps to strengthen and enhance the security posture of our Google Cloud Platform (GCP) environment. In this role, you will collaborate with cross-functional teams, build robust security solutions, and implement practices that integrate security into all stages of the development lifecycle. Your expertise will help protect our cloud-native applications and data while ensuring compliance with industry standards. Key Responsibilities SecDevOps Implementation: Integrate security into CI/CD pipelines, ensuring automated testing, secure configurations, and vulnerability scans during the development lifecycle. Security Design: Architect secure cloud-native solutions tailored to GCP environments, leveraging services such as Google Kubernetes Engine (GKE), Cloud Run, and BigQuery. Cloud Security Posture Management (CSPM): Establish and maintain tools and frameworks for monitoring, assessing, and enhancing the GCP security posture. IAM and Access Controls: Design and implement Identity and Access Management (IAM) policies and configurations to enforce least-privilege principles across GCP resources. Incident Response and Threat Management: Develop incident response processes and deploy tools to detect, analyze, and respond to threats targeting GCP resources. Compliance and Governance: Ensure compliance with frameworks such as ISO 27001, SOC 2, HIPAA, or others as applicable. Support audits and regulatory requirements. Collaboration: Work closely with DevOps, engineering, and product teams to embed security into infrastructure as code (IaC) solutions using tools like Terraform or Google Deployment Manager. Continuous Improvement: Conduct periodic security reviews and recommend improvements to security controls, processes, and tools. Skills and Qualifications Must-Have Skills Proven experience securing GCP environments with a focus on services like Cloud Armor, VPC Service Controls, and Security Command Center. Strong understanding of DevSecOps principles and hands-on experience integrating security into CI/CD pipelines (e.g., GitLab CI, Jenkins, or Cloud Build). Expertise in scripting and automation using Python, Bash, or other languages. In-depth knowledge of IAM policies, roles, and service accounts in GCP. Experience with IaC tools like Terraform, Ansible, or Google Deployment Manager. Familiarity with vulnerability management tools (e.g., Prisma Cloud, Qualys, or Tenable). Knowledge of container security (e.g., GKE, Docker, Kubernetes security tools like Aqua or Twistlock). Nice-to-Have Skills GCP certifications such as Professional Cloud Security Engineer or Professional DevOps Engineer. Familiarity with logging and monitoring tools like Stackdriver, Chronicle, or Splunk. Hands-on experience with API security and protection mechanisms. Background in threat modelling and risk assessments. Key Attributes Analytical and detail-oriented mindset with a passion for problem-solving. Effective communication and collaboration skills for working across diverse teams. Proactive and adaptable to evolving cloud security challenges. Vishnu Singh Email : [email protected] Phone : 470 451 0404 Keywords: continuous integration continuous deployment Georgia New York GCP Security Engineer SecDevOps Specialist_ NYC, Atlanta, GA [email protected] |
| [email protected] View all |
| Tue Nov 19 21:02:00 UTC 2024 |