GCP Security / DevSecOps Engineer - 1389525_46528583812_44-4658 - Beacon Hill Staffing Group, LLC
Montpelier, VT
About the Job
This job was posted by https://www.vermontjoblink.com : For more
information, please see: https://www.vermontjoblink.com/jobs/1201729
Location: Remote, but must come onsite in Atlanta once a quarter
Position: Google Cloud Security Engineer/DevSecOps Engineer
Start: ASAP
Length: 6 months, will extend or convert perm
Openings: 1
Remote: Yes, but must come onsite once a quarter
Key Focus:
- Has done security for GCP extensively
- Knows GCP services and how to secure them
- Understand GCP to do self service security for users, need to
automate more processes
- Policy, security focused. IaC Terraform highly needed, Terragrunt a
plus
- OPA, policy as code, is important. Rego language. Policy getting
consumed in the cloud and integrated into the security pipeline
- 3-5 years of experience with GCP security is key
- Really wants one day a week onsite, but is open to remote if they
can come in once a quarter.
- 6 months +, high likelihood of going longer
Position Overview: As a Security Team DevSecOps Engineer at you will
play a crucial role in safeguarding our cloud environments hosted on
Google Cloud Platform (GCP). You will work closely with our experienced
security team to ensure the confidentiality, integrity, and availability
of our clients' data and applications.
Key Responsibilities:
- Design and Implementation of Company Policies into CI/CD Pipelines
for enforcing policy requirements based off infrastructure as code
(IaC) planning.
- Terraform coding of current and future state security tooling
configurations for all or partial security stack implementations.
- Assist in reporting, explaining, and integrating of remediations
around vulnerability from static, dynamic, and real-time code
scanning.
- Coordinate with architecture function in the design and
implementation of security controls and best practices for GCP
environments.
- Monitor and analyze security alerts and incidents, taking proactive
measures to mitigate risks.
- Collaborate with cross-functional teams to assess security
requirements and provide guidance on secure cloud architecture.
- Assist vulnerability management team to identify and remediate
security vulnerabilities.
- Stay up-to-date with the latest security threats and trends, and
recommend security enhancements.
- Assist in compliance efforts by implementing security policies and
procedures.
Qualifications:
- Bachelor's degree in Computer Science, Information Security, or
related field (or equivalent work experience).
- Basic understanding of cloud computing concepts, preferably with
experience in Google Cloud Platform (GCP).
- Familiarity with security best practices, including encryption,
access control, and identity management.
- Strong problem-solving skills and attention to detail.
- Excellent communication and teamwork abilities.
- Ability to work in a flexible and rapid manner to support Agile
security development lifecycles.
- At a minimum, 4 years of active terraform coding experience at the
base template/plan level.
- At a minimum, 4 years of experience with HCL, JSON, and Python.
- At a minimum, 4 years of experience in a DevSecOps environment.
- Experience with Open Policy Agent Rego creation and addition to
CI/CD TF planning, templating, and branching strategizes.
- Experience with code scanning tooling and their supplemental
application in cloud environments.
- Relevant certifications such as Google Professional Cloud Security
Engineer, CompTIA Security+, or Certified Information Systems
Security Professional (CISSP) are a plus but not required.
Beacon Hill is an Equal Opportunity Employer that values the strength
diversity brings to the workplace. Individuals with Disabilities and
Protected Veterans are encouraged to apply.
If you would like to complete our voluntary self-identification form,
please click here or copy and paste the following link into an open
window in your browser: https://jobs.beaconhillstaffing.com/eeoc/
Completion of this form is voluntary and will not affect your
opportunity for employment, or the terms or conditions of your
employment. This form will be used for reporting purposes only and will
be kept separate from all other records.
Company Profile:
Beacon Hill Technologies, a premier National Information Technology
Staffing Group, provides world class technology talent across all
industries utilizing a complete suite of staffing services. Beacon Hill
Technologies' dedicated team of recruiting and staffing experts
consistently delivers quality IT professionals to solve our customers'
technical and business needs.
Beacon Hill Technologies covers a broad spectrum of IT positions,
including Project Management and Business Analysis,
Programming/Development, Database, Infrastructure, Quality Assurance,
Production/Support and ERP roles.
Learn more about Beacon Hill and our specialty divisions, Beacon Hill
Associates, Beacon Hill Financial, Beacon Hill HR, Beacon Hill Legal,
Beacon Hill Life Sciences and Beacon Hill Te
information, please see: https://www.vermontjoblink.com/jobs/1201729
Location: Remote, but must come onsite in Atlanta once a quarter
Position: Google Cloud Security Engineer/DevSecOps Engineer
Start: ASAP
Length: 6 months, will extend or convert perm
Openings: 1
Remote: Yes, but must come onsite once a quarter
Key Focus:
- Has done security for GCP extensively
- Knows GCP services and how to secure them
- Understand GCP to do self service security for users, need to
automate more processes
- Policy, security focused. IaC Terraform highly needed, Terragrunt a
plus
- OPA, policy as code, is important. Rego language. Policy getting
consumed in the cloud and integrated into the security pipeline
- 3-5 years of experience with GCP security is key
- Really wants one day a week onsite, but is open to remote if they
can come in once a quarter.
- 6 months +, high likelihood of going longer
Position Overview: As a Security Team DevSecOps Engineer at you will
play a crucial role in safeguarding our cloud environments hosted on
Google Cloud Platform (GCP). You will work closely with our experienced
security team to ensure the confidentiality, integrity, and availability
of our clients' data and applications.
Key Responsibilities:
- Design and Implementation of Company Policies into CI/CD Pipelines
for enforcing policy requirements based off infrastructure as code
(IaC) planning.
- Terraform coding of current and future state security tooling
configurations for all or partial security stack implementations.
- Assist in reporting, explaining, and integrating of remediations
around vulnerability from static, dynamic, and real-time code
scanning.
- Coordinate with architecture function in the design and
implementation of security controls and best practices for GCP
environments.
- Monitor and analyze security alerts and incidents, taking proactive
measures to mitigate risks.
- Collaborate with cross-functional teams to assess security
requirements and provide guidance on secure cloud architecture.
- Assist vulnerability management team to identify and remediate
security vulnerabilities.
- Stay up-to-date with the latest security threats and trends, and
recommend security enhancements.
- Assist in compliance efforts by implementing security policies and
procedures.
Qualifications:
- Bachelor's degree in Computer Science, Information Security, or
related field (or equivalent work experience).
- Basic understanding of cloud computing concepts, preferably with
experience in Google Cloud Platform (GCP).
- Familiarity with security best practices, including encryption,
access control, and identity management.
- Strong problem-solving skills and attention to detail.
- Excellent communication and teamwork abilities.
- Ability to work in a flexible and rapid manner to support Agile
security development lifecycles.
- At a minimum, 4 years of active terraform coding experience at the
base template/plan level.
- At a minimum, 4 years of experience with HCL, JSON, and Python.
- At a minimum, 4 years of experience in a DevSecOps environment.
- Experience with Open Policy Agent Rego creation and addition to
CI/CD TF planning, templating, and branching strategizes.
- Experience with code scanning tooling and their supplemental
application in cloud environments.
- Relevant certifications such as Google Professional Cloud Security
Engineer, CompTIA Security+, or Certified Information Systems
Security Professional (CISSP) are a plus but not required.
Beacon Hill is an Equal Opportunity Employer that values the strength
diversity brings to the workplace. Individuals with Disabilities and
Protected Veterans are encouraged to apply.
If you would like to complete our voluntary self-identification form,
please click here or copy and paste the following link into an open
window in your browser: https://jobs.beaconhillstaffing.com/eeoc/
Completion of this form is voluntary and will not affect your
opportunity for employment, or the terms or conditions of your
employment. This form will be used for reporting purposes only and will
be kept separate from all other records.
Company Profile:
Beacon Hill Technologies, a premier National Information Technology
Staffing Group, provides world class technology talent across all
industries utilizing a complete suite of staffing services. Beacon Hill
Technologies' dedicated team of recruiting and staffing experts
consistently delivers quality IT professionals to solve our customers'
technical and business needs.
Beacon Hill Technologies covers a broad spectrum of IT positions,
including Project Management and Business Analysis,
Programming/Development, Database, Infrastructure, Quality Assurance,
Production/Support and ERP roles.
Learn more about Beacon Hill and our specialty divisions, Beacon Hill
Associates, Beacon Hill Financial, Beacon Hill HR, Beacon Hill Legal,
Beacon Hill Life Sciences and Beacon Hill Te
Source : Beacon Hill Staffing Group, LLC