Connvertex Technologies - Minneapolis, MN

posted 9 days ago

Full-time - Senior
Minneapolis, MN
Professional, Scientific, and Technical Services

About the position

The Senior GCP Security Engineer (DevSecOps) is a senior-level role responsible for leading and driving security initiatives across the cloud environment, specifically focusing on Google Cloud Platform (GCP). This position integrates security into the development and operational lifecycle, collaborating with various teams to ensure the GCP environment is secure, scalable, and compliant with industry standards. The ideal candidate will be a subject matter expert in GCP security and DevOps practices, implementing advanced security solutions and automating security processes.

Responsibilities

  • Lead security design and architecture reviews for GCP environments, ensuring security is embedded at all layers of the infrastructure.
  • Define and implement security standards for GCP infrastructure, including network segmentation, firewall rules, and secure configurations for compute, storage, and database services.
  • Conduct threat modeling exercises to identify potential security risks and develop mitigation strategies.
  • Establish and maintain security baselines for GCP resources.
  • Partner with security architects, developers, and platform engineers to implement security best practices across DevSecOps pipelines and cloud infrastructure.
  • Work closely with development teams to integrate security testing into the software development lifecycle (SDLC).
  • Collaborate with operations teams to implement security monitoring and incident response processes.
  • Provide guidance to architects and engineers on secure cloud design patterns and best practices.
  • Develop and enhance security controls in GCP, including identity and access management (IAM), encryption strategies, and cloud security posture management (CSPM).
  • Champion the integration of security automation tools (SAST, DAST, IaC scanning) into CI/CD pipelines, ensuring proactive identification and remediation of vulnerabilities.
  • Build and maintain automated security tooling for cloud infrastructure, using Infrastructure as Code (IaC) technologies like Terraform to streamline security operations.
  • Collaborate with security operations and incident response teams during investigations and implement remediations for security incidents in GCP.
  • Develop and implement security incident response plans for GCP environments.
  • Proactively hunt for threats and vulnerabilities in GCP using threat intelligence and security analytics platforms.
  • Ensure adherence to security frameworks (SOC 2, ISO 27001, NIST, etc.) and assist with cloud governance, risk, and compliance initiatives.
  • Conduct security assessments and audits to ensure compliance with relevant regulations and industry standards (e.g., SOC 2, ISO 27001, PCI DSS, FERPA, GDPR, CCPA).
  • Develop and maintain a risk register for GCP environments, identifying and prioritizing security risks.
  • Partner with Infosec on implementing and managing security monitoring, logging, and alerting mechanisms across GCP, leveraging native services and third-party tools for continuous security visibility.
  • Lead efforts to continuously evaluate and improve platform security practices in response to emerging threats, evolving technologies, and industry trends.

Requirements

  • 7+ years of experience in cloud security engineering, with at least 3 years focused on GCP.
  • 3+ years of experience with Terraform.
  • GCP Professional Cloud Security Engineer certification is required.
  • Strong experience with integrating security within CI/CD pipelines using tools like Jenkins, GitLab, CircleCI, or similar.
  • Deep expertise in GCP services such as IAM, KMS, VPC, Cloud Security Command Center, and security best practices for GCP-native services.
  • Proficiency with Infrastructure as Code tools (Terraform) and cloud security automation.
  • Advanced proficiency in languages like Python, Bash, or similar for automating security tasks and orchestrating security processes.
  • Hands-on experience with security tools like SAST, DAST, vulnerability scanning, and container security.
  • Excellent communication and leadership skills, with the ability to work across technical and non-technical teams to implement security strategies.

Nice-to-haves

  • Expertise with containerization and orchestration technologies (Docker, Kubernetes), including security measures for microservices and containerized applications.
  • Experience using an Internal Developer Platform (Humanitec) to orchestrate workloads.
  • Experience in Zero Trust security models and GCP implementation strategies.
  • Knowledge of security compliance frameworks (SOC 2, HIPAA, PCI-DSS) and GCP compliance services.