Contract Security Engineer (Azure/GCP)

• Develop, implement, and manage cloud security policies and solutions for GCP and Azure environments.
• Configure and maintain security services and tools within Google Cloud Platform (e.g., Cloud IAM, Security Command Center, VPC Service Controls) and Azure/M365 (e.g., Azure Security Center, Azure AD, Microsoft Defender for Cloud).
• Conduct regular security assessments, vulnerability scanning, and penetration testing of cloud infrastructure and applications.
• Monitor cloud environments for security threats, anomalies, and incidents, and lead incident response efforts.
• Collaborate with development, operations, and compliance teams to integrate security best practices into the CI/CD pipeline and ensure secure configurations.
• Develop and enforce security policies, standards, and guidelines for cloud services, ensuring alignment with regulatory requirements and internal security frameworks.
• Provide expertise and guidance on data protection, network security, and identity and access management within cloud platforms.
• Preferably, assess and enhance the security of Salesforce, including data security, access controls, and compliance.

• 6+ years of experience in cloud security, information security, or a related field.
• Proven direct experience securing Google Cloud Platform (GCP) environments, including a strong understanding of GCP security services and best practices.
• Solid understanding of cloud security principles, including shared responsibility model, cloud native security controls, and infrastructure as code security.
• Experience with security incident response and threat modelling.
• Google Professional Cloud Security Engineer
• Azure Security Engineer Associate (AZ-500)
• Certified Cloud Security Professional (CCSP)

Jefferson Frank