PERM GCP Cloud Security Engineer - GCP, AWS, Azure, Python, Bash, IAM, Terraform, Automation

The successful candidate will be a subject matter expert with hands-on experience in a wide range of cloud technologies, tools and methodologies. The role is suited for an experienced Cloud Engineer with a focus on Google Cloud Platform. The candidate must have a proven understanding of enterprise security and will focus on building toolsets and processes.

Principal Responsibilities

• Contribute to the vision, strategy, and drive execution for integrated security controls across Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), Infrastructure-as-a-Service (IaaS) and for Google Cloud Platform (GCP) efforts.
• Able to demonstrate clear understanding of current risks and threats to Cloud infrastructure and/or IT infrastructures at technical and managerial levels.
• Ability to conduct Red Team security testing tasks in GCP to continuously assess security posture in GCP platform.
• Drive Identity and Access Management (IAM), configuration management, and monitoring strategy for GCP platform.
• Provide security consultancy and engineering support for cloud security solutions including analysis and development of Google, and other security solutions.
• Provide architecture assurance on Cloud security initiatives and compliance of existing security standards interfacing with infrastructure and development teams.
• Maintain the security infrastructure tools that are built on the Cloud platform, providing stability and policies and procedures.
• Support the development and delivery of a comprehensive ISP for the entire organization.
• Perform periodic and on-demand system audits and vulnerability assessments of systems, internal applications and Cloud services to identify security vulnerabilities.
• Monitor compliance with the organization's information security policies and procedures among employees, contractors and third parties. Manage remediation efforts for any gaps reported in audits or recommended process improvements.
• Provide support to Security and other technical operations staff to ensure smooth turnover from Engineering to Production.

Qualifications/Skills Required

• Bachelor's degree in Computer Science or Engineering preferred.
• 5+ years experience working in a technical role with a minimum of 3+ years experience focusing on Information Security in the financial industry (preferred).
• Solid understanding of GCP security controls and best practices to secure cloud resources in a hybrid environment. Knowledge of VPC Service Controls is a plus.
• Deep expertise with Identity and Access Management (IAM) in GCP, including but not limited to Workload Identity Federation, IAM role usage analysis, Organizational Constraints, Cloud Identity, etc.
• Proficiency in software development and scripting in Python is required.
• Hands-on experience in building security guardrails in GCP to allow for innovation without compromising security posture.
• Demonstrated expertise in Infrastructure as Code tooling using Terraform.
• Strong knowledge and experience in a variety of technologies including UNIX, Networking, Databases, and Storage.
• Strong knowledge of Information security controls.
• Knowledge of software development security and cryptography, AI security.
• CISSP/CCSK or GCP security related certifications is a plus.

Permanent Role - Central London based - candidate must be eligible to work in the UK (no sponsorship).