Job Overview
Weare seeking an experienced Cloud Security Engineer to remediate security risks in our Google Cloud Platform (GCP) and Amazon Web Services (AWS) environments.
This role will focus on implementing robust security controls, improving monitoring capabilities, and enhancing our overall cloud security posture.
Key Responsibilities
Implement and optimise security controls in GCP and AWS environments;
Set up and configure cloud-native security tools such as GCP Security Command Center, Cloud Armor, AWS GuardDuty, and AWS WAF;
Develop and implement comprehensive logging and monitoring solutions for cloud infrastructure;
Conduct security assessments and vulnerability scans of cloud environments;
Implement data loss prevention (DLP) strategies for cloud-based services;
Assist in the development and enforcement of cloud security policies and procedures ;
Collaborate with development and network teams to implement security best practices;
Design and implement secure cloud network architectures;
Manage cloud IAM configurations and implement least privilege access;
Implement and manage encryption for data at rest and in transit;
Assist in cloud-related incident response and forensics.
Required Skills and Experience
5+ years of experience in cloud security, with a focus on GCP;
Strong knowledge of cloud security best practices and compliance standards (e.g., CIS benchmarks, NIST);
Hands-on experience with cloud-native security tools and service;
Proficiency in scripting languages (e.g., Python, Bash) for automation of security tasks;
Experience with infrastructure-as-code tools like Terraform;
Familiarity with container security and Kubernetes;
Understanding of network security concepts as they apply to cloud environments;
Experience with cloud-based identity and access management (IAM)
Preferred Qualifications
Relevant cloud security certifications (e.g., CCSP, AWS Certified Security- Specialty, Google Cloud Certified- Professional Cloud Security Engineer);
Experience with multi-cloud security strategies;
Knowledge of DevSecOps practices and CI/CD pipeline security.
CONTRATAÇÃO PJ E MODELO HIBRIDO.