Google Cloud Security Engineer

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Engineering, or related field (or equivalent practical experience).
• 0–3 years of experience in cybersecurity engineering, cloud engineering, security operations, or related technical internships/rotations.
• Exposure to at least one cloud platform (Google Cloud preferred) with understanding of core security concepts (IAM, networking, logging/monitoring, encryption).
• Basic familiarity with SIEM concepts (log sources, parsing/normalization, alerting, investigation workflows).
• Foundational understanding of cloud identity and access controls (roles/permissions, service accounts, least privilege concepts).
• Working knowledge of cloud logging/monitoring and why audit logs matter for security operations.
• Familiarity with network security basics (segmentation, boundary protection concepts, secure communications).
• Comfortable writing clear documentation and collaborating cross-functionally with engineering and operations teams.

Nice To Haves

• Scripting/automation mindset (Python or similar) is a plus.
• Google Cloud: Associate Cloud Engineer (strongly preferred as junior baseline); Professional Cloud Security Engineer (stretch as experience grows).
• Security fundamentals: CompTIA Security+ (or equivalent).
• Cloud security fundamentals: CCSK or CCSP (as role matures).
• SIEM/Detection: Training aligned to Google SecOps / Chronicle SIEM concepts (SIEM/SOAR learning path).

Responsibilities

• Assist in implementing and maintaining secure configurations across Google Cloud environments, focusing on least privilege access, resource hierarchy/policies, and workload protection patterns.
• Support security design reviews for new/changed cloud services and applications (e.g., networking changes, service accounts, logging requirements).
• Help deploy and validate baseline security controls such as encryption, key management practices, and secure network boundary protections (e.g., segmentation and perimeter controls where applicable).
• Contribute to Infrastructure-as-Code (IaC) security hygiene by reviewing and improving cloud configurations for repeatability and reduced drift (tooling used by the platform team).
• Help operationalize cloud security monitoring by ensuring audit and security telemetry is available and usable for investigations (visibility, alert context, and log quality).
• Support vulnerability and configuration findings triage by partnering with engineering teams to validate issues and track remediation progress.
• Assist with SIEM data onboarding efforts: coordinate with system owners, validate ingestion, and support normalization/correlation readiness.
• Support detection content lifecycle activities such as documentation updates, basic tuning support, and reporting on alert quality (false positives/noise reduction).
• Help build repeatable processes for log source onboarding and SIEM content management (runbooks, checklists, dashboards, and metrics).
• Partner with SecOps stakeholders to improve investigation workflows and ensure SIEM capabilities are aligned to operational needs (search, context, and investigation views).
• Maintain security documentation (control narratives, diagrams, standards) and contribute to “secure-by-default” enablement content for engineering teams.
• Coordinate with cloud engineering, Security Architecture, and SecOps teams to plan and execute small-to-medium security initiatives.