Role:
* Design and implement secure cloud architectures and strategies on GCP.
* Evaluate and recommend security tools, services and configurations to strengthen cloud security posture.
* Ensure compliance with security standards and frameworks such as ISO 27001, NIST, CIS, GDPR and others.
* Lead threat modeling, risk assessments, and security reviews for GCP infrastructure and applications.
* Define and enforce Identity and Access Management (IAM) policies, including roles, permissions and service accounts.
* Implement and maintain security monitoring, logging, and alerting tools (e.g., Cloud Logging, Cloud Monitoring, SCC).
* Collaborate with DevOps, engineering, and compliance teams to embed security into the CI/CD pipelines.
Skills:
* Extensive experience in cloud security architecture, with at least 3 years on Google Cloud Platform.
* Deep understanding of GCP services such as VPC, IAM, Cloud Armor, KMS, SCC, GKE and others.
* Strong knowledge of security protocols, authentication, authorisation, encryption and network security.
* Experience implementing Infrastructure as Code (IaC) with tools like Terraform or Deployment Manager.
* Familiarity with DevSecOps practices and integrating security into DevOps pipelines.
* Experience with security assessment tools and methodologies.
* GCP Professional Cloud Security Engineer certification (preferred).
* Strong communication and stakeholder engagement skills.
* Experience with multi-cloud environments (AWS, Azure) preferred.