Salary
💰 $175,000 - $200,000 per year
Tech Stack
Cloud, Cyber Security, Google Cloud Platform, Kubernetes, Terraform
About the role
- Run security architecture reviews for product features and the GCP environment; lead threat modeling and document risks, controls, and recommendations.
- Own penetration testing engagements end-to-end: scoping, rules of engagement, coordination, validation, retest, remediation tracking.
- Act as the GCP security SME advising on secure patterns for networking, data protection, compute runtimes, CI/CD, logging/monitoring.
- Design and enforce least-privilege IAM: role design, service account lifecycle, workload identity, IAM Conditions, org/folder policy constraints, access reviews.
- Triage and route product security findings to engineering owners; tune rules, set severities/SLAs, drive remediation and capture exceptions.
- Contribute security guardrails via policy and infrastructure-as-code and integrate pre-merge checks in CI/CD.
- Create documentation and runbooks (design review checklist, IAM standards, exception process) and deliver enablement sessions; report progress and risks to security leadership.
- Mentor engineers and code owners on secure-by-default coding and architecture best practices.
Requirements
- 5–7 years of experience in product security, cloud security engineering, or a related field.
- Strong knowledge of Google Cloud Platform (GCP) services and security best practices, including IAM, networking, data protection, and workload runtimes.
- Hands-on experience with penetration testing coordination, threat modeling, and risk assessment.
- Proficiency with Infrastructure-as-Code tools (Terraform, policy controllers, CI/CD integrations).
- Familiarity with designing and enforcing least-privilege IAM and conducting access reviews.
- Ability to communicate security risks and recommendations clearly to engineering and leadership audiences.
- Preferred: Professional certifications such as GCP Professional Cloud Security Engineer, OSCP, or CISSP.
- Preferred: Experience building reusable security guardrails and automation at scale.
- Preferred: Familiarity with Kubernetes (GKE) and container security.
- Preferred: Prior success mentoring engineers or embedding security practices into development lifecycles.
- Preferred: Experience reporting security metrics and influencing technical and business decision-making.