GCP Security Services Engineer

Client is looking for GCP Cloud Security Engineer with strong expertise in securing Google Cloud environments. Must have hands-on experience in developing Infrastructure-as-Code (IaC) templates using Terraform to automate security and ensure compliance by default.

Should be able to integrate security tools (SAST SCA DAST) into CI/CD pipelines for early vulnerability detection and operate DevSecOps workflows. Candidate must analyse HGMS cloud violations and CVEs create remediation plans and enforce security best practices.

We need profiles who are immediate joiners or max 30 days notice period.

Inputs on clear JD ::

This position requires hands-on cloud security engineering position with DevSecOps depth and IaC competency optimized for GCP.

Currently no bench available under Infrasec Cloud hence please create indent under GCP Security Services and tag for external hiring.

We might need help from TVM practice to assess skills on DevSecOps pipelines (SAST/SCA/DAST in CI/CD) as well .

Please suggest skill and share profiles for below JD.

Key Responsibilities:

Implement Security Controls: Deploy and manage security technologies in GCP including identity and access management (IAM) network security firewalls data encryption and security logging.

Automate Security: Develop infrastructure-as-code (IaC) templates using Terraform to create secure compliant cloud resources by default.

Operate DevSecOps Pipelines: Integrate security tools (SAST SCA DAST) into CI/CD pipelines to identify vulnerabilities early in the development lifecycle.

Monitor & Respond: Manage cloud security monitoring alerting and participate in incident response activities for cloud-based threats.

Assess & Harden: Conduct security assessments of cloud environments identify misconfigurations and work with teams to implement remediation.

Support & Guide: Provide technical guidance to developers and engineers on secure coding practices and cloud security best practices.

Desired Qualifications & Skills:

Hands-on experience securing Google Cloud Platform (GCP); familiarity with AWS or Azure is a plus.

Proven ability to write Infrastructure-as-Code (IaC) with Terraform.

Experience with scripting or programming using languages like Python Go or JavaScript.

Practical knowledge of Kubernetes and container security principles.

Understanding of DevSecOps principles and experience integrating security tools into CI/CD pipelines.

Familiarity with cloud security concepts: IAM network segmentation data protection and logging/monitoring.

Preferred Certifications: Google Professional Cloud Security Engineer HashiCorp Terraform Associate or similar.