Cloud Security Engineer - Bengaluru, India - RapidBrains

Description

Job Title: GCP Security Engineer

Experience Level:10-15 years

Notice period:0-30 Days

Location: Bengaluru

Position Type: Full-Time

Job Description

As a Senior Cloud Security Engineer, you will play a crucial role in ensuring the security and compliance of our Google Cloud Platform (GCP) environments. You will be responsible for designing and implementing robust security solutions, conducting thorough security assessments, and collaborating with cross-functional teams to integrate security best practices into our development lifecycle.

Key Responsibilities:

• Design and implement security solutions for Google Cloud Platform (GCP) environments.
• Conduct security assessments and audits of GCP infrastructure, applications, and services to identify security risks and compliance gaps.
• Implement security controls and configurations for GCP services, including identity and access management (IAM), network security, encryption, and data protection.
• Monitor and analyze security events and incidents in GCP environments.
• Stay updated on emerging security threats, vulnerabilities, and technologies in cloud computing and GCP.
• Collaborate with engineering teams to integrate security requirements into the software development lifecycle (SDLC) and DevOps processes.
• Offer security guidance and support to development teams on secure coding practices, threat modeling, and vulnerability management.

Experience:

• Over 10 years of experience in the field, with 4+ years in a Lead Security Engineer, Security Architect, or similar role.
• Minimum 2+ years of hands-on experience with the Google Cloud Platform technology stack.
• Proven experience with GCP security services (e.g., IAM, Cloud SCC, Cloud KMS) and security/compliance standards (NIST, ISO 27xxx, SOC2, data privacy regulations).
• Solid understanding of Data security (encryption, masking, tokenization, etc.) and Secure SDLC (SAST, DAST, IAST, container security, etc.).
• Expert Knowledge of Identity management (SSO, MFA, etc.) and Network security (e.g., VPC, firewall, Cloud Armor).
• Experience in Incident management (Chronicle Security Operations or similar).
• Strong understanding of Containerization and orchestration (e.g., Docker, containerd, Kubernetes).
• Good knowledge of GCP services such as Compute Engine, App Engine, GKE, BigQuery, Cloud Storage, and Composer.
• Knowledge of DevOps and SRE practices including CI/CD (Cloud Build, Cloud Deploy, GitLab, Jenkins) and IaC (Terraform, Ansible).
• Familiarity with Observability tools such as ELK stack, Grafana, Prometheus, GCP Cloud's operations suite etc.
• GCP Professional Cloud Security Engineer certification is highly desired.
• Excellent problem-solving and analytical capabilities.

Skills & Requirements:

• Extensive experience with Google Cloud Platform (GCP).
• Proficiency in IAM, Security and compliance standards.
• Strong understanding of Data security and Secure SDLC.
• Expertise in Identity management and Network security.
• Experience with Incident management tools.
• Familiarity with Containerization and orchestration technologies.
• Knowledge of GCP services and DevOps practices.
• GCP Professional Cloud Security Engineer certification (desired).
• Excellent problem-solving and analytical skills.