GCP Security Engineer (SecDevOps)

Apply Now

Company: J and M Group

Location: Montreal, QC H1A 0A1

Description:

Job Description:
  • We are seeking a skilled GCP Security Engineer specializing in SecDevOps to enhance our security posture across our Google Cloud Platform (GCP) environment.
  • In this role, you will collaborate closely with development and operations teams to integrate security practices into the DevOps pipeline.
  • Your expertise will help ensure the secure design, deployment, and management of cloud-native applications and infrastructure.

Key Responsibilities:
  • Security Integration: Embed security practices into the CI/CD pipeline, ensuring that security is a core component of the software development lifecycle.
  • Vulnerability Management: Conduct regular security assessments, vulnerability scans, and penetration testing on GCP resources to identify and mitigate security risks.
  • Infrastructure as Code (IaC): Develop and maintain secure IaC templates (e.g., Terraform, Cloud Deployment Manager) to automate provisioning and configuration of GCP resources securely.
  • Monitoring and Logging: Implement security monitoring and logging solutions, utilizing tools such as Google Cloud Security Command Center and Stackdriver to detect and respond to threats.
  • Incident Response: Collaborate with incident response teams to investigate and remediate security incidents in GCP environments.
  • Access Control: Manage and enforce identity and access management (IAM) policies, ensuring least privilege access across GCP services.
  • Compliance Assurance: Assist in ensuring compliance with relevant security standards and frameworks (e.g., CIS, NIST) within GCP.
  • Security Awareness: Provide training and support to development and operations teams on security best practices and secure coding techniques.

Qualifications:
  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Advanced degree preferred.
  • 3+ years of experience in information security, with a focus on cloud security, preferably in GCP.
  • Strong knowledge of GCP security services, including IAM, VPC, Cloud Armor, and Data Loss Prevention.
  • Proficiency in scripting and automation using languages such as Python, Bash, or Go.
  • Experience with container security (e.g., Kubernetes, Docker) and CI/CD tools (e.g., Jenkins, GitLab).
  • Familiarity with security tools and frameworks for vulnerability management, logging, and monitoring.
  • Strong analytical skills and a proactive approach to problem-solving.
  • Excellent communication and collaboration skills to work effectively with cross-functional teams.
  • Relevant certifications (e.g., Google Cloud Professional Cloud Security Engineer, CISSP, or other cloud security certifications) are a plus

Similar Jobs