Contract role - 6months + (Outside IR35)

DevSecOps Engineer

We are seeking a skilled and experienced DevSecOps Engineer with a strong specialization in Google Cloud Platform (GCP) to join our dynamic team. In this role, you will play a pivotal role in ensuring the security and integrity of our software development processes on GCP. Your expertise in GCP, Rego policies, and terraform will be instrumental in building a secure and efficient development pipeline.

Responsibilities:

• Develop, implement, and maintain Rego policies to enforce security controls and compliance standards within our GCP infrastructure and applications.
• Collaborate with development and operations teams to integrate security into the GCP-focused CI/CD pipeline, ensuring security checks and scans are automated and seamlessly incorporated.
• Leverage your GCP expertise to architect and implement secure microservices and containerized applications, ensuring compliance with GCP security best practices.
• Design and implement infrastructure-as-code (IaC) using Terraform to define and manage GCP resources securely and efficiently.
• Perform thorough security assessments on GCP environments, utilizing GCP-specific security tools and technologies, to identify and address potential vulnerabilities.
• Conduct threat modelling and risk assessments for GCP deployments, designing effective security solutions tailored to GCP services.
• Collaborate with cross-functional teams to respond to GCP-specific security incidents promptly, conduct root cause analysis, and implement corrective actions.
• Stay current with GCP advancements, industry security trends, and best practices, sharing knowledge and insights with team members.
• Drive a culture of security awareness specific to GCP environments, ensuring security considerations are integrated throughout development.