DevSecOps Engineer

About The Position

Requirements

• Bachelor degree or equivalent experience in a technical discipline.
• 5+ years of experience in DevOps, cloud security, or a related technical field.

Nice To Haves

• 5+ years of hands-on experience with GCP, including IAM, VPC, Security Command Center, and organization policies.
• Experience implementing and managing cloud security posture tools such as Wiz or similar platforms.
• Experience developing Infrastructure as Code with Terraform in GCP.
• Demonstrated experience securing CI/CD pipelines in Jenkins, GitHub Actions, or similar tooling.
• Familiarity with GCP guardrails including org policies, VPC Service Controls, and resource hierarchy security.
• Experience with container security and Kubernetes workload hardening.
• Working experience with firewalls, proxies, and network security controls in cloud environments.
• Experience scripting in Bash, Python, or similar languages to automate security tasks.
• Familiarity with GitOps practices and tools such as ArgoCD or similar.
• Experience with monitoring and observability tools including Grafana or similar.
• Understanding of DevSecOps principles and secure software development lifecycle (SSDLC) practices.
• Google Cloud security certifications (e.g., Professional Cloud Security Engineer) a plus.

Responsibilities

• Design, implement, and maintain GCP security guardrails, policies, and organizational controls to enforce security standards across cloud environments.
• Manage and continuously improve GCP Security Command Center configurations to identify, prioritize, and remediate security risks.
• Operate and administer Wiz to monitor cloud security posture, triage findings, and drive remediation efforts across GCP workloads.
• Integrate security controls and automated scanning into CI/CD pipelines to enforce secure development practices and prevent vulnerable code from reaching production.
• Build and maintain security-focused Infrastructure as Code using Terraform to provision and enforce compliant GCP resources.
• Develop and enforce GCP organization policies, IAM controls, VPC Service Controls, and network security configurations.
• Identify and remediate misconfigured cloud resources, excessive permissions, and policy violations across GCP projects.
• Collaborate with DevOps and engineering teams to embed security best practices into development workflows and deployment processes.
• Automate security compliance checks and reporting to provide visibility into the organization's security posture for stakeholders and leadership.
• Aid in designing cost-optimization strategies for cloud security infrastructure without compromising coverage or controls.
• Participate in the hiring and interview process for the department.

Benefits

• Global Payments offers a comprehensive benefits package to all of our team members, including medical, dental and vision care, EAP programs, paid time off, recognition programs, retirement and investment options, charitable gift matching programs, and worldwide days of service.
• To learn more, visit: https://jobs.globalpayments.com/en/why-global-payments/benefits/