Description
Qualifications and experience
The ideal candidate for this role will have the below experience and qualifications
- Handson experience with CNAPPCSPM platforms ideally Wiz or equivalent such as Prisma Cloud Orca CrowdStrike
- Strong understanding of GCP security and associated best practices including IAM loggingmonitoring network security controls and containerKubernetes security concepts
- Experience assessing cloud security findings in context determining material risk impact and appropriate remediation options
- Experience working with DevSecOps CICD teams and embedding security controls into delivery and operational workflows
- Strong stakeholder management and collaboration skills across engineering operations and cybersecurity teams
- Experience working in a regulated environment with an understanding of auditability and control evidence
Essential Skills
- Demonstrable experience improving cloud security posture on GCP using CNAPPCSPM tooling and governance processes
- Ability to triage and tune security findings drive remediation and report progress using meaningful metrics
- Working knowledge of cloud security standards control frameworks and operational risk considerations eg logging monitoring access control resilience
- Strong written and verbal communication skills with the ability to communicate complex security topics clearly to technical and nontechnical stakeholders
- Experience working within an Agile environment
Desirable Skills
- GCP certifications ideally securityfocused eg Professional Cloud Security Engineer
- Experience supporting CNAPP across multicloud environments AWSAzure in addition to GCP
- Experience integrating CNAPP outputs into enterprise reporting and governance processes
Skills
Mandatory Skills : Agile (Value-Driven Delivery), Application Security (application security framework/ threat modelling/ Secure SDLC/ DevSecOps/Application Security Architecture Review), Network Security Architecture
