Cloud Security Expert Sought
We are strengthening our cloud security capability and seeking an engineer to design, implement, and validate security controls across a rapidly expanding cloud estate.
The role centres on securing modern workloads running in Google Cloud, with a mix of platform engineering, identity design, configuration hardening, and continuous assessment work. You'll operate close to the infrastructure teams that build the platform and the security function that governs it, with significant room to influence how cloud controls are shaped and enforced.
About The Role
* You will help define and implement cloud security guardrails, support secure deployment patterns, and ensure that identity, configuration, and monitoring controls remain consistent as the environment scales.
* The position blends engineering, analysis, and advisory work, with a focus on improving the organisation's overall cloud posture while enabling teams to deploy safely and efficiently.
Key Responsibilities
* Develop, implement, and maintain cloud security controls across GCP services and supporting platforms.
* Shape identity and access management patterns including role structures, least-privilege controls, and workload identity design.
* Conduct targeted reviews and hands-on testing to validate the security posture of cloud workloads.
* Build and refine Terraform modules and Infrastructure-as-Code guardrails for consistent enforcement.
* Provide architectural input for new cloud services, ensuring alignment with internal standards.
* Monitor configuration drift, misconfigurations, and emerging risks across cloud projects.
* Support remediation efforts in partnership with engineering teams, offering clear technical guidance.
* Maintain documentation, design notes, and reference materials for cloud security patterns.
* Track platform changes, security updates, and industry trends relevant to cloud environments.
Requirements
* 4+ years in cloud engineering, cloud security, or infrastructure-focused security roles.
* Strong working knowledge of Google Cloud security principles (IAM, network boundaries, policy enforcement, workload identities).
* Proficiency in Python or a similar scripting language for automation and tooling.
* Hands-on experience with Terraform or other IaC tooling in a production environment.
* Solid understanding of Linux systems, networking fundamentals, and distributed infrastructure behaviour.
* Ability to analyse cloud configurations, identity flows, and platform interactions.
* Strong communication skills and the ability to work across engineering, platform, and security teams.
* Cloud/security certifications are beneficial but not required.