Job Description

Key Responsibilities

• Design and implement secure cloud architectures leveraging GCP services including Cloud Armor, Cloud Load Balancing, Cloud CDN, and VPC Service Controls.

• Develop and enforce security policies, access controls, and WAF (Web Application Firewall) configurations using Google Cloud Armor.

• Collaborate with application and infrastructure teams to integrate security controls across CI/CD pipelines and deployment models.

• Lead threat modeling, risk assessment, and mitigation strategies for GCP workloads.

• Implement DDoS protection, rate limiting, and geo-based access controls for critical applications.

• Create and maintain infrastructure security standards, reference architectures, and automation templates (Terraform / Deployment Manager).

• Integrate logging, monitoring, and alerting through Cloud Logging, Cloud Monitoring, and Security Command Center.

• Provide guidance and mentorship to development and DevOps teams on cloud security best practices.

• Work with stakeholders to ensure compliance with security and regulatory frameworks (SOC2, PCI, ISO 27001, etc.).

Required Skills & Experience

• 10+ years of overall IT experience with at least 4+ years in cloud architecture or security.

• Strong hands-on experience with Google Cloud Platform (GCP) services:

o Cloud Armor (Security policies, WAF, Adaptive Protection)

o VPC, Load Balancer, Cloud CDN, Cloud Run, GKE

o IAM, Service Accounts, and Resource Hierarchies

• Solid understanding of network security, zero trust architecture, and cloud-native security frameworks.

• Experience with Terraform, Cloud Deployment Manager, or similar IaC tools.

• Familiarity with security incident response and SIEM integrations.

• Excellent communication and presentation skills to interface with senior technical and business stakeholders.

Preferred Qualifications

• GCP Professional Cloud Architect or Professional Cloud Security Engineer certification.

• Experience in multi-cloud environments (AWS, Azure).

• Background in DevSecOps practices and automated compliance.

• Knowledge of container security (GKE, Anthos) and API security frameworks.

Soft Skills

• Strong analytical and problem-solving abilities.

• Ability to translate complex technical topics into clear, actionable recommendations.

• Proactive, detail-oriented, and collaborative mindset.

Job Tags

Similar Jobs