Job Description

9 - 12 Years
1 Opening
Trivandrum

Role description

Role Proficiency

Provide technical leadership and expertise in cloud security, with a focus on GCP Security Architecture and compliance frameworks. Responsible for resolving complex security incidents, defining strategy for security controls, and mentoring team members in delivering secure and resilient infrastructure.

Outcomes

Define and implement GCP security architecture (KMS, IAM/SoD, VPC-SC).

Ensure compliance with PCI and other regulatory controls.

Govern encryption (in transit and at rest), secrets management (Secret Manager), and audit logging to SIEM.

Drive vulnerability management (VA, Fortify) and ensure timely remediation.

Design and enforce network segmentation and firewall policies.

Lead incident response and post-incident root cause analysis.

Mentor team members on cloud security best practices and compliance requirements.

Identify opportunities for continued security improvements and risk reduction.

Measures of Outcomes

SLA adherence for incident and escalation handling.

% of security incidents resolved within agreed OLAs.

Number of vulnerabilities identified and remediated within defined timelines.

Number of successful security audits with minimal findings.

% encryption and logging coverage across all GCP assets.

Number of automation scripts, runbooks, or KB articles created for security processes.

% completion of mandatory security training and certifications.

Outputs Expected

Resolution

Resolve escalated security incidents within agreed SLAs. Lead incident response for GCP security events, perform RCA, and implement corrective/preventive actions.

Troubleshooting

Investigate misconfigurations, access anomalies, and vulnerabilities in GCP environments. Perform security tool integrations and testing (SIEM, Fortify, VA tools).

Escalation/Elevation

Escalate critical risks to leadership and regulatory stakeholders as per OLA. Act as SME for elevated incidents across L2/L3 security teams.

Compliance

Ensure PCI controls and audit requirements are met. Coordinate internal/external audit readiness, remediation, and evidence gathering.

Collaboration

Work with DevOps, Networking, and Application teams to embed security in CI/CD. Collaborate with vendors and customers on incident response and security reviews.

Strategic

Define roadmap for cloud security controls (GCP focus, but extendable to AWS/Azure if needed). Establish metrics and dashboards for security posture tracking.

Skills (Examples)

Strong expertise in GCP security architecture - KMS, IAM/SoD, VPC-SC.

Hands-on experience with encryption mechanisms (in transit/at rest).

Experience with PCI DSS and other compliance frameworks.

Strong knowledge of secrets governance (Secret Manager).

Proficiency with audit logging, SIEM integrations, and monitoring.

Vulnerability assessment and remediation using Fortify/VA tools.

Strong incident response skills including forensics, containment, and RCA.

Network security skills - segmentation, firewall policies, IDS/IPS.

Familiarity with DevSecOps practices, CI/CD pipeline security, and automation.

Strong stakeholder communication and leadership skills.

Knowledge (Examples)

ITIL foundation and incident/change management processes.

Security standards and frameworks - PCI DSS, NIST, ISO 27001.

Cloud-native security services in GCP, and working knowledge of AWS/Azure.

Hands-on knowledge of Linux and Windows hardening.

Familiarity with scripting (Python, Bash, PowerShell) for automation.

Deep understanding of audit processes and governance models.

Knowledge of vulnerability management lifecycle and secure coding principles.

Additional Comments

Looking for a

Security SME with 10+ years of experience

, specializing in

GCP Security Architecture

and enterprise compliance. Should be able to balance technical expertise with process adherence, stakeholder management, and continuous improvement initiatives.

Skills

gcp security architecture,Pci,siem,va

About UST

UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world's best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clients' organizations. With over 30,000 employees in 30 countries, UST builds for boundless impact--touching billions of lives in the process.