Job Description

:
Role Proficiency
Provide technical leadership and expertise in cloud security, with a focus on GCP Security Architecture and compliance frameworks. Responsible for resolving complex security incidents, defining strategy for security controls, and mentoring team members in delivering secure and resilient infrastructure.
Outcomes * Define and implement GCP security architecture (KMS, IAM/SoD, VPC-SC).

• Ensure compliance with PCI and other regulatory controls.
• Govern encryption (in transit and at rest), secrets management (Secret Manager), and audit logging to SIEM.
• Drive vulnerability management (VA, Fortify) and ensure timely remediation.
• Design and enforce network segmentation and firewall policies.
• Lead incident response and post-incident root cause analysis.
• Mentor team members on cloud security best practices and compliance requirements.
• Identify opportunities for continued security improvements and risk reduction.

Measures of Outcomes * SLA adherence for incident and escalation handling.

• % of security incidents resolved within agreed OLAs.
• Number of vulnerabilities identified and remediated within defined timelines.
• Number of successful security audits with minimal findings.
• % encryption and logging coverage across all GCP assets.
• Number of automation scripts, runbooks, or KB articles created for security processes.
• % completion of mandatory security training and certifications.

Outputs Expected
Resolution

• Resolve escalated security incidents within agreed SLAs.
• Lead incident response for GCP security events, perform RCA, and implement corrective/preventive actions.

Troubleshooting

• Investigate misconfigurations, access anomalies, and vulnerabilities in GCP environments.
• Perform security tool integrations and testing (SIEM, Fortify, VA tools).

Escalation/Elevation

• Escalate critical risks to leadership and regulatory stakeholders as per OLA.
• Act as SME for elevated incidents across L2/L3 security teams.

Compliance

• Ensure PCI controls and audit requirements are met.
• Coordinate internal/external audit readiness, remediation, and evidence gathering.

Collaboration

• Work with DevOps, Networking, and Application teams to embed security in CI/CD.
• Collaborate with vendors and customers on incident response and security reviews.

Strategic

• Define roadmap for cloud security controls (GCP focus, but extendable to AWS/Azure if needed).
• Establish metrics and dashboards for security posture tracking.

Skills (Examples) * Strong expertise in GCP security architecture - KMS, IAM/SoD, VPC-SC.

• Hands-on experience with encryption mechanisms (in transit/at rest).
• Experience with PCI DSS and other compliance frameworks.
• Strong knowledge of secrets governance (Secret Manager).
• Proficiency with audit logging, SIEM integrations, and monitoring.
• Vulnerability assessment and remediation using Fortify/VA tools.
• Strong incident response skills including forensics, containment, and RCA.
• Network security skills - segmentation, firewall policies, IDS/IPS.
• Familiarity with DevSecOps practices, CI/CD pipeline security, and automation.
• Strong stakeholder communication and leadership skills.

Knowledge (Examples) * ITIL foundation and incident/change management processes.

• Security standards and frameworks - PCI DSS, NIST, ISO 27001.
• Cloud-native security services in GCP, and working knowledge of AWS/Azure.
• Hands-on knowledge of Linux and Windows hardening.
• Familiarity with scripting (Python, Bash, PowerShell) for automation.
• Deep understanding of audit processes and governance models.
• Knowledge of vulnerability management lifecycle and secure coding principles.

Additional Comments

• Looking for a Security SME with 10+ years of experience, specializing in GCP Security Architecture and enterprise compliance.
• Should be able to balance technical expertise with process adherence, stakeholder management, and continuous improvement initiatives.

Skills:
gcp security architecture,Pci,siem,va
About Company:
UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world's best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clients' organizations. With over 30,000 employees in 30 countries, UST builds for boundless impact--touching billions of lives in the process.

Skills Required