Cloud Security Engineer

The successful candidate will be a subject matter expert with hands‑on experience in a wide range of cloud technologies, tools and methodologies. The role is suited for an experienced Cloud Engineer with focus in Google Cloud Platform; the candidate must have proven understanding in enterprise security and will focus on building toolsets and processes to support the Information Security Program (ISP). The team fosters a collaborative environment and is building a best‑in‑class program to partner with the business to protect the Firm's information and computer systems. Millennium is a complex and robust technical environment and securing the Firm from external and internal threats is a top priority.

• Contribute to the vision, strategy, and drive execution for integrated security controls across Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), Infrastructure-as-a-Service (IaaS) and for Millennium's Google Cloud Platform (GCP) efforts.
• Able to demonstrate clear understanding of current risks and threats to Cloud infrastructure and/or IT infrastructures at technical and managerial levels.
• Ability to conduct Red Team security testing tasks in GCP to continuously assess security posture in GCP platform.
• Drive Identity and Access Management (IAM), configuration management, and monitoring strategy for GCP platform.
• Provide security consultancy and engineering support for cloud security solutions including analysis and development of Google, and other security solutions.
• Provide architecture assurance on Cloud security initiatives and compliance of existing security standards interfacing with infrastructure and development teams.
• Maintain the security infrastructure tools that are built on the Cloud platform, providing stability and policies and procedures.
• Support the development and delivery of a comprehensive ISP for the entire organization.
• Actively monitor new and emerging cloud security technologies, trends, issues, solutions and assess their applicability to MLP's cloud strategy.
• Perform periodic and on‑demand system audits and vulnerability assessments of systems, internal applications and Cloud services to identify security vulnerabilities.
• Monitor compliance with the organization's information security policies and procedures among employees, contractors and third parties.
• Manage remediation efforts for any gaps reported in audits or recommended process improvements.
• Collaborate with IT management, Legal, Human Resources and Compliance departments to manage security vulnerabilities and investigations.
• Provide support to Security and other technical operations staff to ensure smooth turnover from Engineering to Production.
• Liaison with key stakeholders to create and enforce policy including Technology organization, Trading units, Legal, Internal Audit, and Compliance.
• Leads the effort to ensure security compliance in accordance with regulatory security standards required by appropriate governing bodies.
• Develop and maintain documentation of all Security products including specific tools, technologies and processes.

• Bachelor's degree in Computer Science or Engineering preferred. 5+ years experience working in a technical role with a minimum of 3+ years experience focusing on Information Security in the financial industry (preferred).
• Solid understanding of GCP security controls and best practices to secure cloud resources in a hybrid environment. Knowledge of VPC Service Controls is a plus.
• Deep expertise with Identity and Access Management (IAM) in GCP, including but not limited, Workload Identity Federation, IAM role usage analysis, Organizational Constraints, Cloud Identity, etc.
• Proficiency in software development and scripting in Python is required.
• Hands‑on experience in building security guardrails in GCP to allow for innovation without compromising security posture.
• Demonstrated expertise in Infrastructure as Code tooling using Terraform.
• Strong knowledge and experience in a variety of technologies including UNIX, Networking, Databases, and Storage.
• Strong knowledge of Information security controls.
• Knowledge of software development security and cryptography, AI security.
• Possess a passion for Information Security and Technology.
• Able to prioritize in a fast moving, high pressure, constantly changing environment.
• An aptitude for critical thinking and problem solving.
• Ability to communicate and collaborate across teams.
• Comfortable working with geographically dispersed team.
• CISSP/CCSK or GCP security related certifications is a plus.