Job Description:
We are seeking an experienced Cloud Security Engineer to design, implement, and manage cloud network security controls in Google Cloud Platform. The role focuses on Infrastructure-as-Code (IaC) delivery using Terraform, integrated into Azure DevOps Pipelines and GitHub Actions.
Google Cloud Platform cloud security SME with hands-on experience in CI/CD infrastructure as code using Terraform and ADO. Familiarity with Google Cloud Platform NGFW, Cloud Armor, VPC-SC, and Zscaler Cloud Connector is essential. Details follow.
The ideal candidate is a subject matter expert (SME) who can build secure, automated solutions from the ground up using Terraform, while documenting and transferring knowledge to internal teams. This role requires the ability to balance planned project execution within agile methodologies with rapid incident response (P0–P3) in a dynamic, fast-paced environment.
Responsibilities:
· Design, implement, and manage cloud-native network security controls in Google Cloud Platform, including:
· Google Cloud Platform VPC Service Controls (VPC-SC)
· Google Cloud Platform Cloud Armor (DDoS/WAF protection)
· Google Cloud Platform Cloud Next-Gen Firewall (NGFW Enterprise) with IPS/IDS Zscaler Cloud Connector
· Develop, maintain, and scale Terraform-based Infrastructure-as-Code modules for cloud infrastructure and security policies.
· Build, enhance, and manage CI/CD automation using Azure DevOps Pipelines and GitHub Actions.
· Author clear documentation, runbooks, and deliver knowledge transfers and training to operational and engineering teams.
· Collaborate cross-functionally with cloud, security, and development teams to ensure secure, scalable solutions.
· Participate in agile ceremonies for planned project work and provide rapid incident response during P0–P3 security/networking events.
Required Qualifications:
· U.S. citizenship is required (by birth or naturalization); s are not eligible .
· Work must be performed within the United States (onshore only; no offshore work permitted).
· 5+ years of hands-on experience as a Cloud Engineer or Cloud Security Engineer.
· 3+ years of hands-on experience with Google Cloud Platform network security services, including VPC Service Controls (VPC-SC), Cloud Armor, and NGFW with IPS/IDS.
· Strong expertise in Terraform (designing reusable modules, managing state, enterprise workflows).
· Proficiency in CI/CD tools: Azure DevOps Pipelines and GitHub Actions.
· Scripting proficiency (PowerShell, Bash, or Python) for automation and troubleshooting.
· Demonstrated experience documenting technical solutions, producing clear runbooks, and performing knowledge transfers to enable operational adoption.
· Strong troubleshooting and incident response skills in cloud environments.
Preferred Qualifications:
· Experience integrating AI/ML and agentic platforms (e.g., Anthropic Claude or similar) into DevOps pipelines to automate processes, improve operational efficiency, and accelerate delivery timelines.
· Experience with additional CI/CD platforms (e.g., GitLab CI, Jenkins, CircleCI) and configuration management tools (e.g., Ansible).
Relevant certifications:
· Cloud Security / Architecture: Google Professional Cloud Security Engineer or Google Professional Cloud Architect
IaC / DevOps: HashiCorp Certified: Terraform Associate or Azure DevOps Engineer Expert
