Cloud Security Engineer DevSecOps & GCP

We are seeking a Cloud Security Engineer with strong expertise in DevSecOps and Google Cloud Platform (GCP). You will help design and implement secure-by-default practices across cloud environments, CI/CD pipelines, and Infrastructure as Code deployments. This role requires hands-on security engineering skills combined with strategic thinking to ensure security is embedded across the development lifecycle.

You will work in a flexible EMEA timezone, contributing to cloud security engineering initiatives that align with regulatory requirements and modern security standards.

Responsibilities

• Design and implement secure architectures across GCP using native services such as IAM, VPC-SC, Cloud Armor, KMS, and Security Command Center

• Embed security into CI/CD workflows using DevSecOps practices and tools

• Build and maintain Infrastructure as Code using Terraform to enforce secure configurations

• Develop automation scripts in Python, Bash, or Go to streamline security tooling and enforcement

• Define and implement monitoring, logging, and alerting mechanisms for GCP environments

• Ensure alignment with frameworks such as NIST, MITRE ATT&CK, and OWASP Top 10

• Collaborate with development and operations teams to drive security awareness and secure-by-design principles

• Contribute to incident response processes, including analysis and remediation support

Requirements

• 5+ years of experience in cloud security engineering, ideally in GCP environments

• Strong understanding of DevSecOps methodologies and CI/CD pipeline security integration

• Hands-on experience with GCP security services: IAM, VPC-SC, Cloud Armor, KMS, SCC

• Proficiency in scripting (Python, Bash, Go) for automation and custom security tools

• Familiarity with Infrastructure as Code tools (Terraform)

• Strong knowledge of network security concepts in cloud environments (VPNs, DNS, firewalls, load balancing)

• Solid understanding of cloud security monitoring, logging, and alerting practices

• Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience)

• Certification: Google Cloud PCSE or equivalent

Nice to have

• Experience with SIEM/SOAR platforms (Chronicle, Splunk, Sentinel)

• Background in container and service mesh security (GKE, Istio)

• Familiarity with threat detection techniques including ML and behavioral analytics

• Knowledge of compliance automation and cloud security scorecards

• Experience working in regulated industries (e.g., public sector, finance, healthcare)

• Exposure to incident response and forensic practices in cloud-native environments

We offer

• Fully remote work with flexible working hours -  EMEA Timezone.

• Long-term collaboration on B2B contract.

• Opportunity to work on complex cloud projects for international clients.

• Professional growth in a highly skilled and supportive team.

• Collaborative and open working culture.