SEEKING: GCP Cloud Lead Security
We are looking for a GCP Cloud Lead Security.
The GCP Cloud Lead Security will be responsible for defining low-level strategy and configurations and supporting the deployment of security solutions as part of GCP Cloud Strategy (Data Migration, Endpoint protection including server protection, Cloud App Security, Identity Protection, CSPM, CIEM, Workload protection) and security for GCP-based projects.
TASKS & RESPONSIBILITIES (Role) He/she will oversee and define technical strategy (low-level design) and configurations for the following among other security solutions associated with GCP environments:
Endpoints protection against real-time malware by identifying and blocking threats and attack surface reduction including endpoint data loss prevention. Implement strict IAM policies to ensure that only authorized users access cloud resources. Anomaly Behaviour. Apps adaptive access, device compliance and access control. Infrastructure security (serverless, containers, IaaS, PaaS, Databases). Cloud App Security (SaaS). GCP Policies and Security Governance. Security Posture Management (Cloud Compliance). WAF/DDoS. Privilege access Management. File Integrity Monitoring. Integration of Logs with SIEM for monitoring. Definition of use case scenarios for monitoring of GCP apps together with SOC. Strategy for AI in GCP Cloud. He/she is an operational partner and will report to the client's Global CISO.
EXPERIENCE, KNOWLEDGE & SKILLS Proven work experience as a Security Engineer or GCP Platform Security Expert or similar role, with a strong technical background in various IT security technologies, including infrastructure, applications, data, cloud, and network communications. Strong experience working in complex multi-country, multi-cultural environments. Extensive experience in migration projects, moving high volume databases from legacy to cloud native solutions. An enthusiasm for staying up to date with the very latest updates about security threats and solutions. Strong time management and organizational skills. Previous exposure to Linux and/or Windows Operating Systems, coding languages, and/or Networks. Strong experience on major ERPs (SAP) with wide experience rolling them out. Strong experience on GCP and other cloud vendor technologies (Microsoft and AWS). Strong data-oriented mindset. Excellent technical, analytical and project management skills to manage large-scale IT projects. Good leadership and interpersonal skills and be able to build strong relationships with key stakeholders. Good understanding of how the different technology components in the organization support its business operations. Excellent communication skills and ability to effectively communicate the IT architecture & data strategy and plans to stakeholders and IT team members. Strong problem-solving skills to identify and manage IT architecture security risks and issues. Strong analytical and critical thinking skills, ability to work under pressure. Be an effective team player working both within and outside the IS/IT organization. Work to bring stakeholders along with decisions. Ability to work independently and pro-actively contribute to a global team environment. Excellent interpersonal, communication and presenting skills; able to concisely communicate security risks to both technical and business audiences. Industry certification from vendors: ISC2, ISACA, GIAC, EC-Council, CompTIA, ITIL, CompTIA Security. Strong written and verbal communication skills in English. Experience in some of the following areas: Security products including firewalls, URL filtering, information security and EDR/XDR/NDR including Microsoft E5 license stack products and GCP security. Emerging technologies and trends (ICS&OT, IIOT, Network, Infra, Cloud, data encryption, automotive industry technologies and vehicle security, etc.) Identify and understand the most common application security vulnerabilities (OWASP Top 10). Relevant laws, regulations and industry standards and frameworks related to security (NIST, SANS, CIS, ENISA, UNE, GDPR, PCI-DSS, SOC2, etc.). Implement security controls to improve system/platform overall security. Identity and Access Management. Application Security, cryptography and protocols. Secure System Development Life Cycle. Security Incident Management and monitoring. Security Operations, and Cyber Security. Vulnerability management and penetration testing. Information Security Management, Risk Management, and Asset Security. Endpoints and Server Security, MDM/MAM, Network Security, and Cloud Security. Security standards, laws, and compliance. Business continuity and disaster recovery continuity of operations plans. Language: ? Fluent in English with exceptional communication skills. (minimum C1)
WE OFFER: Full-time Freelance contract. Rate: €320/€360 per day + VAT (According to proven experience). Long Term Project. Recurrence in Projects. Location: Madrid – (Alcobendas) Hybrid 50% in person 50% teleworking per week.
#J-18808-Ljbffr