Aktuelle Jobs

Berufsbezeichnung:CCSOps - Cloud Security Engineer

Standort: Khobar, Saudi Arabia

Art der Beschäftigung: Contract

Location - Dhahran, KSA
Job Summary:

The Cloud Security Engineer will be responsible for designing, implementing, and maintaining security controls within Google Cloud Platform (GCP). This role requires deep technical expertise in cloud security best practices, IAM, encryption, vulnerability management, and DevOps security. The engineer will work closely with development, operations, and security teams to ensure a secure cloud environment.

Required Experience:

• GCP Encryption & Key Management: 5+ years hands-on experience designing and implementing encryption solutions (SSE-KMS, SSE-C, SSE-G, client-side), key management (Cloud KMS), and HSM integration.
• GCP IAM: 5+ years managing GCP IAM (roles, permissions, service accounts, organization policies), implementing least privilege, and analyzing IAM policies. Experience building IAM pipelines using IaC.
• IaC Security: 5+ years reviewing and securing IaC (Terraform, Deployment Manager) for GCP, including static analysis for security misconfigurations.
• DevSecOps & CI/CD Security: 5+ years integrating security into DevOps pipelines (secure coding, SAST, DAST, SCA, container scanning). Experience with Checkmarx, SonarQube, Snyk, Anchore Engine.
• Container Security: 5+ years securing containerized applications (GKE, Cloud Run), including image scanning, vulnerability management, admission controllers, and security context constraints. Experience with Artifact Registry.
• Vulnerability Management: 5+ years conducting vulnerability scans (VMs, containers, databases) using tools like Qualys, Nessus, and Google Cloud Security Health Analytics. Facilitating remediation.
• CSPM: 3+ years implementing and managing CSPM solutions in GCP (Security Command Center), identifying/remediating misconfigurations and compliance violations.
• SIEM & Logging: 3+ years integrating GCP logs with SIEM/log management systems (Splunk, Elastic Stack), performing log analysis and alerting.
• GCP Network Security: 3+ years with GCP networking (VPCs, firewalls, VPN, Interconnect), understanding network segmentation and zero trust.
• Security Governance & Compliance: 3+ years developing and implementing security policies and procedures. Knowledge of NIST, CIS, ISO 27001, SOC 2.
• Incident Response: Experience participating in cloud incident response.
• Scripting/Automation: Proficiency in scripting (Python, Bash).

Recommended Certifications:

• Google Cloud Professional Cloud Security Engineer

#LI-JS1