Google Cloud Platform Cloud Security Engineer

Google Cloud Platform Cloud Security Engineer

Hybrid Role - 3 DAYS/WEEK ONSITE IN STERLING, VA

6 months contract

The Cloud Security Engineer is a hands-on technical security professional responsible for designing, implementing, and operating cloud security controls across our public cloud environments, with a primary focus on Google Cloud Platform (Google Cloud Platform)

Responsibilities

• Serve as a hands-on Cloud Security Engineer focused on securing enterprise-scale Google Cloud Platform environments.
• Design, implement, and operate cloud vulnerability management processes across compute, container, serverless, and platform services.
• Leverage and manage CSPM/CNAPP platforms (e.g., Wiz, Orca, Prisma Cloud) to identify misconfigurations, prioritize risk, and drive remediation efforts with engineering teams.
• Develop automation and security tooling using Python (preferred) or similar scripting languages to improve detection, remediation, and reporting capabilities.
• Partner with engineering and DevOps teams to integrate security controls into CI/CD pipelines and infrastructure-as-code workflows.
• Review and harden Google Cloud Platform configurations, including IAM, networking, logging, storage, and container environments.
• Support security assessments of AI/ML workloads and cloud-native data platforms; contribute to proof-of-concept initiatives related to AI/ML security where applicable.
• Collaborate with cross-functional teams to remediate vulnerabilities identified through CSPM tools, scanners, and cloud-native security services.
• Contribute to the development and maintenance of cloud security standards, configuration baselines, and operational documentation.
• Support multi-cloud security initiatives, including AWS and Azure environments where required.
• Stay current with emerging cloud threats, vulnerability trends, and advancements in cloud security tooling.
• Google Cloud Platform Cloud Security Engineering and Hardening (15%)
• Cloud Vulnerability Management - analysis, prioritization, remediation coordination (30%)
• CSPM/CNAPP Operations and Risk Reduction (10%)
• Security Automation and Python Development (15%)
• CI/CD and DevSecOps Integration (10%)
• Architecture Reviews and Engineering Collaboration (10%)
• AI/ML and Emerging Technology Security Support (5%)
• Documentation and Continuous Learning (5%)

Requirements

• 7+ years of experience in Cloud Vulnerability Management; Vulnerability identification, prioritization, risk assessment, and remediation coordination across cloud workloads and services
• 7+ years of experience with both AWS and Google Cloud Platform; Cloud experience within a production environment
• 3+ years of experience with at least one CSPM/CNAPP platform (e.g., Wiz, Orca, Prisma Cloud, Lacework, or equivalent)

Preferred

• Cloud security certifications
• Google Cloud Platform Professional Cloud Security Engineer
• AWS Security Specialty or Solutions Architect
• Azure Security Engineer or Solutions Architect
• Experience with AI/ML platforms and securing machine learning workloads; prior proof-of-concept or project experience is a plus
• Knowledge of AWS and/or Azure security services and architecture
• Familiarity with Oracle Cloud Infrastructure (OCI)
• Experience integrating security tooling with platforms such as Slack, Jira, and CI/CD pipelines
• Experience with SIEM and observability platforms (e.g., Splunk)
• Azure Experience is a plus
• Experience with Brinqa

Soft Skills

Excellent written and verbal communication skills with the ability to collaborate effectively with engineering and security stakeholders.

Technology

• Demonstrated hands-on experience securing Google Cloud Platform (Google Cloud Platform) environments in production.
• Strong knowledge and practical experience in Cloud Vulnerability Management, including vulnerability identification, prioritization, risk assessment, and remediation coordination across cloud workloads and services.
• Hands-on experience with at least one CSPM/CNAPP platform (e.g., Wiz, Orca, Prisma Cloud, Lacework, or equivalent)
• Proficiency in Python (preferred) or similar programming/scripting languages, with experience developing automation or security tooling.
• Strong understanding of cloud IAM concepts, least-privilege access, and identity governance in Google Cloud Platform.
• Solid understanding of cloud networking fundamentals, including VPC design, routing, segmentation, and secure connectivity patterns.
• Experience securing containerized workloads and Kubernetes environments.
• Familiarity with Infrastructure-as-Code (Terraform preferred) and secure configuration management practices.
• Strong understanding of security principles, risk management, and compliance considerations in public cloud environments.

Education

BS in Computer Science, Information Security, or related technical discipline, or equivalent practical experience

Azure Certifications - Azure Fundamentals, Solutions Architect

The estimated pay range for this position is USD $75.00/hr - USD $82.50/hr. Exact compensation and offers of employment are dependent on job-related knowledge, skills, experience, licenses or certifications, and location. We also offer comprehensive benefits. The Talent Acquisition Partner can share more details about compensation or benefits for the role during the interview process.