DevSecOps Engineer - Google Cloud Platform

Job role : DevSecOps Engineer

Role Summary :

We are seeking a highly skilled and security-focused DevSecOps Engineer to design, implement, and manage secure, scalable CI/CD pipelines and cloud infrastructure on Google Cloud Platform (GCP). This role is responsible for enabling secure application delivery using Cloud Run, GKE, and Terraform, while embedding DevSecOps best practices across the software development lifecycle. The ideal candidate will ensure compliance, reliability, scalability, and performance across cloud environments.

Key Responsibilities :

- Design, implement, and manage secure CI/CD pipelines using Cloud Build, Jenkins, or Tekton.

- Provision, configure, and manage GCP infrastructure using Terraform (Infrastructure as Code).

- Deploy, manage, and scale containerized applications on Cloud Run and Google Kubernetes Engine (GKE).

- Implement container security best practices, including vulnerability scanning, SAST/DAST, and dependency scanning.

- Enforce IAM policies, VPC configurations, and cloud security controls aligned with best practices.

- Integrate security controls into CI/CD workflows to enable shift-left security.

- Monitor, log, and troubleshoot cloud environments to ensure performance, reliability, and high availability.

- Collaborate with development teams to establish DevSecOps frameworks, governance standards, and compliance automation.

- Manage release orchestration, branching strategies, and version control processes.

Required Skills & Expertise :

Cloud Platforms :

- Google Cloud Platform (GKE, Cloud Run, IAM, VPC, Cloud Build, Artifact Registry)

CI/CD & Automation :

- Jenkins, Tekton, Cloud Build

- Git, branching strategies, release management

Infrastructure as Code :

- Terraform

Containers & Orchestration :

- Docker

- Kubernetes (GKE)

Security & Compliance :

- SAST/DAST tools (e.g., Checkmarx)

- FOSSA (open-source license compliance)

- Container vulnerability scanning tools

- DevSecOps frameworks and compliance automation

Monitoring & Observability :

- GCP Operations Suite (Cloud Monitoring & Cloud Logging)

Preferred Qualifications :

- Experience implementing secure cloud architectures on GCP

- Strong understanding of DevSecOps principles and cloud security best practices

- Experience in compliance-driven environments

- Excellent troubleshooting and cross-functional collaboration skills.