Senior GCP Cloud Security Strategist

We are seeking a skilled GCP Cloud Lead Security professional to join our team. In this role, you will be responsible for defining low-level strategy and configurations for security solutions as part of GCP Cloud Strategy.

Your key responsibilities will include overseeing and defining technical strategy (low-level design) and configurations for the following among other security solutions associated with the GCP environment :

• Endpoints protection against real-time malware by identifying and blocking threats and attack surface reduction including endpoint data loss prevention.
• Implement strict IAM policies to ensure that only authorized users access cloud resources.
• Anomaly Behaviour.
• Apps adaptive access, device compliance and access control.
• Infrastructure security (serverless, containers, IaaS, PaaS, Databases).
• Cloud App Security (SaaS).
• GCP Policies and Security Governance.
• Security Posture Management (Cloud Compliance).
• WAF / DDoS
• Privilege access Management.
• File Integrity Monitoring.
• Integration of Logs with SIEM for monitorization
• Definition of use case scenarios for monitorization of GCP apps together with SOC.
• Strategy for AI in GCP Cloud.

Requirements :

Technical Background :

Proven work experience as a Security Engineer or GCP Platform Security Expert or similar role, with strong technical background in various IT security technologies, including infrastructure, applications, data, cloud, and network communications.

Extensive experience in migration projects, moving high volume databases from legacy to cloud native solutions.

Enthusiasm for staying up-to-date with the latest updates about security threats and solutions.

Strong time management and organizational skills.

Previous exposure to Linux and / or Windows Operating Systems, coding languages, and / or Networks.

Strong experience on major's ERPs (SAP) with a wide experience rolling out them.

Strong experience on GCP and other cloud vendors technologies (Microsoft and AWS).

Strong data-oriented mindset.

Excellent technical, analytical, and project management skills to manage large-scale IT projects.

Good leadership and interpersonal skills and ability to build strong relationships with key stakeholders.

Good understanding how the different technology components in the organization support its business operations.

Excellent communication skills and ability to effectively communicate the IT architecture & data strategy and plans to stakeholders and IT team members.

Strong problem-solving skills to identify and manage IT architecture security risks and issues.

Strong analytical and critical thinking skills, ability to work under pressure.

Be an effective team player working both within and outside the IS / IT organisation.

Work to bring stakeholders along with decisions.

Ability to work independently and proactively contribute to a global team environment.

Excellent interpersonal, communication, and presenting skills; able to concisely communicate security risks to both technical and business audiences.

Industry certification from vendors : ISC2, ISACA, GIAC, EC-Council, CompTIA, ITIL, Comptia Security

Strong written and verbal communication skills in English

Experience in some of the following areas :

o Security products including firewalls, URL filtering, information security and EDR / XDR / NDR including Microsoft E5 license stack products and GCP security.

o Emerging technologies and trends (ICS&OT, IIOT, Network, Infra, Cloud, data encryption, automotive industry technologies and vehicle security, etc.)

o Identify and understand the most common application security vulnerabilities (OWASP Top 10).

o Relevant laws, regulation and industry standards and frameworks related to security (NIST, SANS, CIS, ENISA, UNE, GDPR, PCI-DSS, SOC2, etc.).

o Implement security controls to improve system / platform overall security.

o Identity and Access Management.

o Application Security, cryptography and protocols.

o Secure System Development Live Cycle

o Security Incident Management and monitoring

o Security Operations, and Cyber Security

o Vulnerability management and penetration testing

o Information Security Management, Risk Management, and Asset Security

o Endpoints and Server Security, MDM / MAM, Network Security, and Cloud Security

o Security standards, laws, and compliance.

o Business continuity and disaster recovery continuity of operations plans.

Language :

Fluent in English with exceptional communication skills.

What We Offer :

• Full-time Freelance contract.
• Rate : €320 / €360 per day + VAT (According to proven experience).
• Long Term Project. Recurrence in Projects.
• Location : Madrid – (Alcobendas) Hybrid 50% in person 50% teleworking per week.