GCP Security Engineer (SecDevOps)

Job Summary:

We are seeking a skilled GCP Security Engineer specializing in SecDevOps to enhance our security posture across our Google Cloud Platform (GCP) environment. In this role, you will collaborate closely with development and operations teams to integrate security practices into the DevOps pipeline. Your expertise will help ensure the secure design, deployment, and management of cloud-native applications and infrastructure.

Key Responsibilities:

• Security Integration: Embed security practices into the CI/CD pipeline, ensuring that security is a core component of the software development lifecycle.
• Vulnerability Management: Conduct regular security assessments, vulnerability scans, and penetration testing on GCP resources to identify and mitigate security risks.
• Infrastructure as Code (IaC): Develop and maintain secure IaC templates (e.g., Terraform, Cloud Deployment Manager) to automate provisioning and configuration of GCP resources securely.
• Monitoring and Logging: Implement security monitoring and logging solutions, utilizing tools such as Google Cloud Security Command Center and Stackdriver to detect and respond to threats.
• Incident Response: Collaborate with incident response teams to investigate and remediate security incidents in GCP environments.
• Access Control: Manage and enforce identity and access management (IAM) policies, ensuring least privilege access across GCP services.
• Compliance Assurance: Assist in ensuring compliance with relevant security standards and frameworks (e.g., CIS, NIST) within GCP.
• Security Awareness: Provide training and support to development and operations teams on security best practices and secure coding techniques.

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Advanced degree preferred.
• 3 years of experience in information security, with a focus on cloud security, preferably in GCP.
• Strong knowledge of GCP security services, including IAM, VPC, Cloud Armor, and Data Loss Prevention.
• Proficiency in scripting and automation using languages such as Python, Bash, or Go.
• Experience with container security (e.g., Kubernetes, Docker) and CI/CD tools (e.g., Jenkins, GitLab).
• Familiarity with security tools and frameworks for vulnerability management, logging, and monitoring.
• Strong analytical skills and a proactive approach to problem-solving.
• Excellent communication and collaboration skills to work effectively with cross-functional teams.
• Relevant certifications (e.g., Google Cloud Professional Cloud Security Engineer, CISSP, or other cloud security certifications) are a plus.?

The pay range that the employer in good faith reasonably expects to pay for this position is $46.23/hour - $72.23/hour. Our benefits include medical, dental, vision and retirement benefits. Applications will be accepted on an ongoing basis.

Tundra Technical Solutions is among North America’s leading providers of Staffing and Consulting Services. Our success and our clients’ success are built on a foundation of service excellence. We are an equal opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, sex, sexual orientation, age, veteran status, disability, genetic information, or other applicable legally protected characteristic. Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable law, including the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Unincorporated LA County workers: we reasonably believe that criminal history may have a direct, adverse and negative relationship with the following job duties, potentially resulting in the withdrawal of a conditional offer of employment: client provided property, including hardware (both of which may include data) entrusted to you from theft, loss or damage; return all portable client computer hardware in your possession (including the data contained therein) upon completion of the assignment, and; maintain the confidentiality of client proprietary, confidential, or non-public information. In addition, job duties require access to secure and protected client information technology systems and related data security obligations.

Salary : $46 - $72