Senior Associate - Senior GCP Security Engineer
About The Position
We are looking for a Senior GCP Security Engineer who lives on GCP and can own the security architecture end-to-end, not just advise on it. You will design guardrails, write Terraform, integrate with Harness CI/CD pipelines, and partner with engineering teams to ensure every resource deployed is secure by default. This role is GCP-first. Familiarity with AWS and Azure is a plus, but your day-to-day will be deep in Google Cloud: securing GKE workloads, governing AI pipelines on Vertex AI, managing identities via ICAM, and using native GCP security services to detect and respond to threats.
Requirements
- 5+ years of experience in cloud security, with the majority focused on GCP environments.
- Deep hands-on experience with GCP security services including IAM, VPC Service Controls, Cloud Armor, KMS, Secret Manager, DLP, and SCC.
- Strong Elastic SIEM experience including log ingestion, detection engineering, alert management, and threat correlation.
- Production-level Terraform experience including module development, infrastructure automation, and state management.
- Experience integrating security controls into CI/CD pipelines using Harness or equivalent platforms.
- Strong knowledge of Kubernetes and GKE security including pod security admission, network policies, Workload Identity, and Binary Authorization.
- Hands-on experience with ICAM or enterprise identity platforms governing non-human identities and workload access.
- Practical knowledge of AI/ML security including Vertex AI workload protection, LLM API governance, and training data security.
Nice To Haves
- Google Professional Cloud Security Engineer or Professional Cloud Architect certification.
- Experience with policy-as-code tooling such as OPA/Rego, Sentinel, or Checkov.
- Familiarity with AWS security services including IAM, GuardDuty, SCPs, and multi-cloud security architectures.
- Experience with Cribl Stream or similar log routing technologies integrated with Elasticsearch.
- Understanding of compliance-driven security requirements including NY DFS 23 NYCRR 500, NAIC, NIST CSF, CIS Benchmarks, and ISO 27001.
- Working knowledge of enterprise identity platforms including SailPoint, CyberArk, Ping Identity, Active Directory, and LDAP.
- Experience securing AI agent frameworks such as LangChain or Vertex AI Agent Builder.
Responsibilities
- Design guardrails
- Write Terraform
- Integrate with Harness CI/CD pipelines
- Partner with engineering teams to ensure every resource deployed is secure by default
- Secure GKE workloads
- Govern AI pipelines on Vertex AI
- Manage identities via ICAM
- Use native GCP security services to detect and respond to threats
Benefits
- Leave programs
- Adoption assistance
- Student loan repayment programs
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
