1. Working experience with driving design decisions using Threat
Modeling (STRIDE/MITRE ATT&CK)
2. Practical experience in hardening GCP Services
3. Practical experience with a CNAPP/CSPM tool
4. Experience with formal documentation of cloud controls (Threat
Model Reports, Policy Summary Pages)