GCP Security / DevSecOps Engineer

Beacon Hill Staffing Group - Concord, NH

posted about 1 month ago

Full-time - Mid Level
Remote - Concord, NH
Administrative and Support Services

About the position

As a GCP Security / DevSecOps Engineer at Beacon Hill Staffing Group, you will play a crucial role in safeguarding cloud environments hosted on Google Cloud Platform (GCP). This position involves working closely with the security team to ensure the confidentiality, integrity, and availability of client data and applications. The role requires extensive experience in GCP security, policy enforcement, and automation of security processes, with a focus on Infrastructure as Code (IaC) using Terraform and Open Policy Agent (OPA).

Responsibilities

  • Design and implement company policies into CI/CD pipelines for enforcing policy requirements based on Infrastructure as Code (IaC) planning.
  • Code Terraform for current and future state security tooling configurations for all or partial security stack implementations.
  • Assist in reporting, explaining, and integrating remediations around vulnerabilities from static, dynamic, and real-time code scanning.
  • Coordinate with architecture function in the design and implementation of security controls and best practices for GCP environments.
  • Monitor and analyze security alerts and incidents, taking proactive measures to mitigate risks.
  • Collaborate with cross-functional teams to assess security requirements and provide guidance on secure cloud architecture.
  • Assist vulnerability management team to identify and remediate security vulnerabilities.
  • Stay up-to-date with the latest security threats and trends, and recommend security enhancements.
  • Assist in compliance efforts by implementing security policies and procedures.

Requirements

  • Bachelor's degree in Computer Science, Information Security, or related field (or equivalent work experience).
  • Basic understanding of cloud computing concepts, preferably with experience in Google Cloud Platform (GCP).
  • Familiarity with security best practices, including encryption, access control, and identity management.
  • Strong problem-solving skills and attention to detail.
  • Excellent communication and teamwork abilities.
  • Ability to work in a flexible and rapid manner to support Agile security development lifecycles.
  • At least 4 years of active Terraform coding experience at the base template/plan level.
  • At least 4 years of experience with HCL, JSON, and Python.
  • At least 4 years of experience in a DevSecOps environment.
  • Experience with Open Policy Agent Rego creation and addition to CI/CD Terraform planning, templating, and branching strategies.
  • Experience with code scanning tooling and their supplemental application in cloud environments.

Nice-to-haves

  • Relevant certifications such as Google Professional Cloud Security Engineer, CompTIA Security+, or Certified Information Systems Security Professional (CISSP) are a plus but not required.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service