In this role, you will have the opportunity to support the oversight and security validation of our current technology platform and new Zero Trust environment within the Google Cloud Platform (GCP).
As a key member of our second line-of-defense (2LoD) security team, you will act as a collaborative partner to our development and operations teams. Your focus will be on providing independent technical review and vulnerability management expertise to ensure security is effectively embedded into the fabric of our applications.
You will play a vital role in identifying risks and ensuring our systems remain "secure by design" through proactive monitoring and reporting. If you are a detail-oriented professional who is passionate about cloud security and wants to make a tangible impact on a strategic, multi-year program, this is the role for you.

Requirements

Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related field (or equivalent experience/internships).
1–3 years of experience in an information security role (experience in application security or cloud security is a plus).
Foundational understanding of Google Cloud Platform (GCP) services and basic cloud security concepts.
Strong knowledge of common application vulnerabilities (e.g., OWASP Top 10).
Experience using vulnerability scanning or management tools (e.g., Cycode, Checkmarx, FOSSA)
Strong organizational skills with the ability to track multiple technical tasks and follow up on remediation.
Secure coding knowledge and techniques to provide developers with actionable guidance
Proactive self-starter with a passion for continuous learning in the evolving cloud security landscape and a demonstrated ability to identify and address security gaps independently
Good communication skills, with the ability to explain security risks to both technical and non-technical stakeholders.
**Even better, you may have...**
Relevant Cyber Security certifications (e.g., CompTIA Security+, Google Cloud Digital Leader, ISC2)
Familiarity with Infrastructure as Code (IaC) security practices and tools (e.g., Terraform, Mondoo, Open Policy Agent).
Knowledge of common security frameworks and compliance standards (e.g., NIST, ISO 27001, SOC 2, GDPR).
Experience with security monitoring, logging, and alerting solutions in a cloud environment (e.g., GCP Security Command Center, Cloud Logging, Cloud Monitoring).
Experience with containerization (Docker) or CI/CD tools.

Benefits

📊 Check your resume score for this job Improve your chances of getting an interview by checking your resume score before you apply. Check Resume Score

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cloud securityapplication securityvulnerability managementsecure codingvulnerability scanningInfrastructure as Code (IaC)containerizationCI/CD toolsGoogle Cloud Platform (GCP)common application vulnerabilities

Soft Skills

detail-orientedorganizational skillsproactive self-startercontinuous learningcommunication skills

Certifications

CompTIA Security+Google Cloud Digital LeaderISC2