Google Cloud Security Engineer

Job Description:

We are seeking a skilled GCP Security Engineer specializing in Network and Cloud Infrastructure Security to enhance our security posture across our Google Cloud Platform (GCP) environment.
In this role, you will collaborate closely with development and operations teams to integrate security practices into the Cloud services.
Your expertise will help ensure the secure design, deployment, and management of cloud-native applications and infrastructure.

Key Responsibilities:

• Network Security
o Configure and manage network security groups (NSGs) and firewalls to protect network resources. Implement secure network connectivity, including VPNs, load balancers, and network segmentation.
o Monitor network traffic for anomalies and threats using tools like Cloud Armor and Network Intelligence Center.

• Identity and Access Management
o Manage and enforce granular identity and access management (IAM) and PAM policies, ensuring least privilege access across GCP services.
o Manage user lifecycle processes, including provisioning, de-provisioning, and access reviews. Implement and maintain strong multi-factor authentication (MFA) and other advanced authentication mechanisms.

• Data Protection
o Implement robust data encryption and key management strategies using Cloud KMS.
o Conduct regular data classification and labeling.
o Implement Google Data Loss Prevention (DLP) solution to protect sensitive data.

• Encryption
o Familiarity with Cloud HSM, PKI, Enterprise Key Management

• Compliance Assurance
o Assist in ensuring compliance with relevant KSA security standards and frameworks (e.g., NCA CSCC, SAMA-CSF, SDAIA, NIST) within GCP.

• Security Awareness
o Provide training and support to development and operations teams on security best practices and secure configurations.

Qualifications:

• Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field.

• Solid experience in information security, with a focus on cloud security, preferably in GCP.

• Strong knowledge of GCP security services, including IAM, PAM, VPC, Cloud Armor WAF, and Data Loss Prevention.

• Familiarity with security tools and frameworks for vulnerability management, logging, and monitoring.

• Strong analytical skills and a proactive approach to problem-solving.

• Excellent communication and collaboration skills to work effectively with crossfunctional teams.

• Relevant certifications (e.g., Google Cloud Professional Cloud Security Engineer, CISSP, or other cloud security certifications) are a plus.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.