TDI (Tetrad Digital Integrity)
Creating the world's most advanced cybersecurity EcoSystem.
Cloud Security Engineer – GCP Security Engineering, SecOps Enablement
Security Operations | Full Time | Remote | Team 51-200 | Since 2001 | H1B No Sponsor
Location: United States
Posted: 35 days ago
Salary: Not specified
Professional Certificate, English, AWS, Azure, Cloud, Google Cloud Platform, Kubernetes, Python, Go
Job Description
• Comply with currently mandated national and DoD-approved policies, directives, architectures, programs, standards, and guidelines.
• Design, implement, and sustain security telemetry/logging architecture in GCP, ensuring high-fidelity signals are collected, normalized, and delivered to the VDSS/SIEM/SOAR stack.
• Own logging coverage and quality for cloud and platform signals, including:
  - Cloud Audit Logs (Admin Activity, Data Access, System Event)
  - IAM/service account activity and privileged actions
  - VPC Flow Logs, load balancer/WAF/proxy signals
  - GKE audit logs and Kubernetes control-plane events
  - Security-relevant application/service logs
• Build detection engineering content: queries, correlation logic, alert rules, and dashboards aligned to cloud threat scenarios (IAM abuse, suspicious API usage, workload compromise, data access anomalies, lateral movement paths).
• Develop automation and guardrails to reduce toil and accelerate investigations/response:
  - API-driven enrichment and evidence capture (e.g., asset inventory, IAM bindings, network path/context, log exports)
  - Repeatable runbooks/workflows and integration into ticketing/notification pipelines
• Partner with teams to implement and validate security controls that improve defensibility:
  - Secure configuration baselines and drift detection
  - Identity and access telemetry improvements
  - Network segmentation signals and policy validation
  - Container/GKE security instrumentation and runtime visibility
• Execute continuous control-health checks and instrumentation validation (telemetry completeness, parsing quality, alert fidelity, logging pipeline reliability).
• Coordinate cleanly with the CSSP: provide engineered signals, detection content, and automation that improves downstream monitoring and response outcomes.
• Produce clear technical deliverables (engineering notes, detection documentation, dashboards/coverage maps, stakeholder-ready updates) with minimal editing.
Job Requirements
- Active DoD Secret clearance
- Role-required security certification such as: CFR, CCNA Cyber Ops, CCNA-Security, CHFI, CySA+, GCFA, GCIH, SCYBER
- Demonstrated experience in cloud security engineering or security-focused platform engineering in enterprise/mission environments
- GCP strongly preferred (AWS/Azure acceptable with ability to ramp quickly in GCP)
- Strong proficiency in cloud logging/telemetry design, including integration into VDSS/SIEM/SOAR platforms
- Hands-on experience with automation and APIs (Python/Go/Bash, REST/JSON, gcloud/SDKs) to build repeatable security workflows
- Experience with Kubernetes/container security concepts; ability to instrument and operationalize GKE audit/runtime telemetry.
- Practical incident-response awareness (evidence preservation and containment guidance)
- Strong writing/briefing skills; can deliver precise, customer-ready outputs with minimal oversight.
- Comfort operating in a high-change environment with competing priorities and frequent stakeholder engagement.
- Cloud certification preferred (e.g., CCSP or Google Professional Cloud Security Engineer, Professional Cloud DevOps Engineer, Professional Cloud Network Engineer)
Benefits
- Flexible work arrangements
- Professional development