Role: Cloud Security (GCP) Engineer
Location: Hyderabad, IN
Key Responsibilities:
- Design and Implement Cloud Security Measures: Develop and enforce security policies and procedures for cloud-based systems, ensuring compliance with industry standards and best practices.
- Educate and Transition Security Frameworks: Guide teams in migrating existing on-premises security frameworks, such as Rubric, to cloud environments, ensuring seamless integration and functionality.
- Manage Secure Backup and Restore Processes: Oversee and enhance secure backup and restoration procedures for cloud-based data and applications.
- Infrastructure as Code Development: Utilize Terraform to automate the provisioning and management of cloud infrastructure, ensuring scalability and reliability.
- CI/CD Pipeline Integration: Collaborate with development teams to integrate security measures within Continuous Integration/Continuous Deployment pipelines.
- Complex Workload Restoration: Develop and implement strategies for restoring complex workloads in cloud environments, ensuring minimal downtime and data integrity.
- Advanced Cloud Services Management: Leverage advanced cloud services to optimize cloud resources' performance, security, and cost-efficiency.
- Kubernetes Security Oversight: Manage and secure containerized applications orchestrated through Kubernetes, ensuring adherence to security best practices.
Qualifications:
- Educational Background: Bachelor's degree in Computer Science, Information Technology, or a related field.
- Professional Experience: Minimum of 3 years in cloud security engineering, focusing on GCP environments.
Technical Proficiency:
- Strong DevOps experience in GCP cloud with experience in DevSecops and related tools,
- Understanding of application vulnerability and exposure to sast/dast tools. scripting (python, java) and software development experience
- Strong cloud infrastructure & DevOps hands-on experience in GCP.
- DevSecOps is Mandatory
- DevSecOps pipeline tools: Jenkins, Travis CI, and GitLab CI/CD are the leading-edge tools that seamlessly enable automated testing and security checks at various stages of the software development pipeline.
- Static application security testing (SAST) tools: Examples include Checkmarx, Fortify, and Veracode, which automatically scan the source code for vulnerabilities.
- Dynamic application security testing (DAST) tools: Tools like OWASP ZAP and Burp Suite are used to test running applications for security issues.
- Container Security Tools: Docker Security Scanning and Clair are tools for assessing container images for vulnerabilities.
- Infrastructure as Code (IaC) Security Scanning Tools: Tools like Terraform and AWS Config provide automated security checks for infrastructure deployment.
Nice to have:
- Hands on experience in infrastructure (systems/backups/storage/vmware/db/networking) is a plus
- Exposure to security incident mgmt and vulnerability mgmt with an eye for scripting/automation is required.
Certifications:
- Relevant certifications such as Google Professional Cloud Security Engineer, Certified Kubernetes Security Specialist (CKS), or similar are preferred.
