We are seeking a skilled Cloud Security Engineer to lead service certification and policy-as-code (PaC) initiatives within our GCP environments. This role combines hands-on engineering with governance, securing cloud deployments through automation, validation, and scalable policy enforcement.

Key Responsibilities :

Policy-as-Code & Security Automation :

- Design and implement Terraform Sentinel and OPA Gatekeeper policies for GCP workloads.

- Automate security controls and compliance checks using GitHub workflows and CI/CD pipelines.

- Maintain reusable policy libraries for infrastructure, IAM, data, and network domains.

Service Certification & Compliance Enablement :

- Drive service certification efforts across GCP services, aligning with internal and external compliance frameworks (ISO, SOC2, PCI-DSS).

- Collaborate with audit, risk, and engineering teams to validate cloud services against security benchmarks.

- Create documentation, playbooks, and validation checklists for certification workflows.

- Domain Specialization (Optional) : Opportunity to specialize in IAM Security, Cloud Infrastructure, Data Security, or Network Security.

Required Qualifications :

- 6- 9 years of Security Engineering experience, preferably in cloud-native environments.

- Hands-on expertise with Terraform Sentinel, OPA Gatekeeper, and GitHub-based automation.

- Strong understanding of GCP security architecture, IAM policies, and service controls.

- Experience with policy-as-code frameworks, compliance validation, and audit readiness.

- Ability to collaborate across DevOps, security, and governance teams.

Preferred Skills :

- Familiarity with CIS Benchmarks, NIST, or ISO 27001 frameworks.

- Experience with multi-cloud environments and cross-platform policy enforcement.

- Strong documentation and playbook creation skills for audit and certification workflows.

- Exposure to secrets management, runtime protection, and cloud-native security tooling.

The job is for:

May work from home