Georgia IT Inc
GCP Security SecDevOps Engineer-NYC, NY or Alpharetta, GA
Georgia IT Inc, New York, New York, us, 10261
Job Title: GCP Security SecDevOps Engineer
Location:
Onsite:
3 days a week NYC, NY
or
Alpharetta, GA Rate:
DOE Duration : 06 Months plus contract
Position Overview: We are seeking a highly skilled
GCP Security SecDevOps Engineer
to join our dynamic team and strengthen our security posture across our Google Cloud Platform (GCP) environment. In this critical role, you will collaborate closely with development and operations teams to seamlessly integrate security practices into the DevOps pipeline. Your expertise in cloud security, automation, and DevOps processes will help ensure the secure design, deployment, and management of cloud-native applications and infrastructure.
Key Responsibilities:
Security Integration in DevOps:
Collaborate with Development and Operations teams to embed security practices (SecDevOps) throughout the software development lifecycle (SDLC). Cloud Security Architecture:
Design, implement, and continuously improve cloud security solutions for GCP-hosted applications and infrastructure. Automation and CI/CD Security:
Automate security checks within the CI/CD pipeline to ensure the safe deployment of cloud applications. Incident Response & Monitoring:
Monitor GCP resources for potential security threats, vulnerabilities, and breaches, and lead incident response efforts as needed. Vulnerability Management:
Conduct regular vulnerability assessments and work with teams to remediate any discovered issues. Compliance and Best Practices:
Ensure cloud infrastructure is compliant with relevant security policies, regulations, and industry best practices (e.g., NIST, CIS benchmarks). Cloud Infrastructure Security:
Secure the architecture of cloud-native services such as Kubernetes, GKE, IAM, and other GCP services. Security Automation & Scripting:
Write and maintain scripts (using tools such as Terraform, CloudFormation, or Python) to automate security tasks and workflows within the cloud environment.
Required Qualifications:
Experience:
3+ years of hands-on experience with
Google Cloud Platform (GCP)
security and SecDevOps practices. Proven expertise in integrating security controls into
CI/CD pipelines . Familiarity with
Cloud Security Posture Management (CSPM)
tools and practices.
Technical Skills:
Strong knowledge of
GCP services
such as IAM, Kubernetes Engine (GKE), Cloud Storage, Pub/Sub, and BigQuery. Experience with
security tools
such as Google Cloud Security Command Center, Cloud Identity, and Security Health Analytics. Proficiency in
automation tools
(e.g., Terraform, Ansible, Jenkins) and
Scripting
(Python, Shell).
Security Practices & Frameworks:
Familiar with security frameworks such as
CIS Benchmarks ,
NIST , and
OWASP . Experience in implementing
identity and access management (IAM)
in cloud environments.
Incident Response & Threat Hunting:
Ability to analyze and respond to security incidents in real-time, identifying root causes and remediating threats.
Collaboration & Communication:
Strong team player with the ability to collaborate cross-functionally with engineering, operations, and security teams. Ability to explain complex security concepts to non-technical stakeholders.
Preferred Qualifications:
Experience with
Kubernetes
and container security. GCP
certifications
(e.g., Professional Cloud Security Engineer, Associate Cloud Engineer). Familiarity with
Cloud-native security tools
such as Prisma Cloud, Aqua Security, or similar.
Onsite:
3 days a week NYC, NY
or
Alpharetta, GA Rate:
DOE Duration : 06 Months plus contract
Position Overview: We are seeking a highly skilled
GCP Security SecDevOps Engineer
to join our dynamic team and strengthen our security posture across our Google Cloud Platform (GCP) environment. In this critical role, you will collaborate closely with development and operations teams to seamlessly integrate security practices into the DevOps pipeline. Your expertise in cloud security, automation, and DevOps processes will help ensure the secure design, deployment, and management of cloud-native applications and infrastructure.
Key Responsibilities:
Security Integration in DevOps:
Collaborate with Development and Operations teams to embed security practices (SecDevOps) throughout the software development lifecycle (SDLC). Cloud Security Architecture:
Design, implement, and continuously improve cloud security solutions for GCP-hosted applications and infrastructure. Automation and CI/CD Security:
Automate security checks within the CI/CD pipeline to ensure the safe deployment of cloud applications. Incident Response & Monitoring:
Monitor GCP resources for potential security threats, vulnerabilities, and breaches, and lead incident response efforts as needed. Vulnerability Management:
Conduct regular vulnerability assessments and work with teams to remediate any discovered issues. Compliance and Best Practices:
Ensure cloud infrastructure is compliant with relevant security policies, regulations, and industry best practices (e.g., NIST, CIS benchmarks). Cloud Infrastructure Security:
Secure the architecture of cloud-native services such as Kubernetes, GKE, IAM, and other GCP services. Security Automation & Scripting:
Write and maintain scripts (using tools such as Terraform, CloudFormation, or Python) to automate security tasks and workflows within the cloud environment.
Required Qualifications:
Experience:
3+ years of hands-on experience with
Google Cloud Platform (GCP)
security and SecDevOps practices. Proven expertise in integrating security controls into
CI/CD pipelines . Familiarity with
Cloud Security Posture Management (CSPM)
tools and practices.
Technical Skills:
Strong knowledge of
GCP services
such as IAM, Kubernetes Engine (GKE), Cloud Storage, Pub/Sub, and BigQuery. Experience with
security tools
such as Google Cloud Security Command Center, Cloud Identity, and Security Health Analytics. Proficiency in
automation tools
(e.g., Terraform, Ansible, Jenkins) and
Scripting
(Python, Shell).
Security Practices & Frameworks:
Familiar with security frameworks such as
CIS Benchmarks ,
NIST , and
OWASP . Experience in implementing
identity and access management (IAM)
in cloud environments.
Incident Response & Threat Hunting:
Ability to analyze and respond to security incidents in real-time, identifying root causes and remediating threats.
Collaboration & Communication:
Strong team player with the ability to collaborate cross-functionally with engineering, operations, and security teams. Ability to explain complex security concepts to non-technical stakeholders.
Preferred Qualifications:
Experience with
Kubernetes
and container security. GCP
certifications
(e.g., Professional Cloud Security Engineer, Associate Cloud Engineer). Familiarity with
Cloud-native security tools
such as Prisma Cloud, Aqua Security, or similar.