Senior GCP Security

We are seeking a Security Engineer to join our team and help maintain and strengthen our security posture within Google Cloud Platform. This role focuses on hands‑on security operations, vulnerability management, and implementing security best practices across our cloud infrastructure.

Key Responsibilities

GCP Security Operations

• Manage and configure GCP security services including IAM, Security Command Center, and SecOps
• Conduct routine security configuration reviews across cloud resources
• Implement standard security hardening measures following GCP best practices
• Monitor and respond to security alerts and findings within the GCP environment
• Maintain security documentation and ensure adherence to established security standards

Security Assessments & Vulnerability Management

• Execute vulnerability scans across infrastructure and applications
• Analyze and interpret scan results to identify potential security risks
• Triage security findings based on severity and business impact
• Provide remediation guidance to engineering teams for identified vulnerabilities
• Review Python code and system architectures for common security weaknesses, including:
  • Authentication and authorization flaws
  • Injection vulnerabilities
  • Insecure configurations and misconfigurations
  • Other OWASP Top 10 security issues

Security Automation

• Develop Python or Bash scripts to automate routine security tasks
• Create custom security checks and validation scripts
• Automate repetitive security processes to improve efficiency
• Build tools to support security monitoring and reporting activities

Required Qualifications

• Hands‑on experience with GCP security services (IAM, Security Command Center, SecOps)
• Practical experience conducting vulnerability assessments and managing security findings
• Demonstrated ability to review code (particularly Python) and system designs for security issues
• Proficiency in Python or Bash scripting for automation purposes
• Strong understanding of GCP security best practices and cloud security fundamentals
• Ability to communicate security findings and recommendations clearly to technical teams

Preferred Qualifications

• GCP security certifications (Professional Cloud Security Engineer)
• Experience with security frameworks and compliance standards
• Familiarity with DevSecOps practices and CI/CD pipeline security
• Background in incident response or security operations