More jobs:
DevSecOps Engineer - GCP
Job in
Virginia Beach, Virginia, 23451, USA
Listed on 2026-07-16
Listing for:
9DTechnologies
Full Time
position Listed on 2026-07-16
Job specializations:
-
IT/Tech
Cybersecurity
Job Description & How to Apply Below
Job Title
9D Technologies & ImaginationAI are at the forefront of app publishing, delivering innovative and engaging mobile experiences to users around the globe. Our mission is to create extraordinary digital experiences that captivate and entertain, and we are committed to pushing the boundaries of creativity and technology.
Key Responsibilities- Review, audit, and strengthen security across all GCP projects, folders, billing accounts, service accounts, IAM roles, APIs, deployed workloads, and third-party integrations.
- Compile and maintain a centralized inventory of all enabled and deployed services across projects, including Cloud Run, Cloud Functions, Big Query, Cloud Storage, Pub/Sub, Firebase, APIs, service accounts, networking resources, billing-linked services, owners, dependencies, risks, and business purpose.
- Implement and manage GCP Organization Policies to control risky configurations, external identities, public access, service account key creation, resource sharing, and insecure deployments.
- Audit IAM access at project and organization level to remove unauthorized, non-organizational, inactive, excessive, or risky permissions, while applying least-privilege access controls.
- Review and secure API keys, OAuth clients, service accounts, Firebase projects, Cloud Run services, Big Query datasets, Cloud Storage buckets, Pub/Sub topics, and external integrations.
- Reduce or eliminate long-lived service account keys by implementing secure alternatives such as Secret Manager, Workload Identity Federation, short-lived credentials, and controlled service account impersonation.
- Assess the impact of security policies on existing products, dashboards, pipelines, APIs, Cloud Run services, Big Query workloads, and other production systems, and design secure workarounds where required.
- Enable budget kill switches across billed projects and billing accounts using Cloud Billing budgets, Pub/Sub alerts, automation scripts, and controlled shutdown or billing-disablement actions when defined thresholds are reached.
- Configure monitoring, alerting, and incident detection using Cloud Logging, Cloud Monitoring, Security Command Center, IAM Recommender, audit logs, and billing alerts.
- Identify unused, risky, misconfigured, publicly exposed, or externally accessible services and coordinate with relevant teams to secure, restrict, migrate, or decommission them.
- Build and maintain security documentation, access review processes, incident response workflows, policy exception records, remediation plans, and project onboarding standards.
- Work closely with engineering, data, Dev Ops, product, and management teams to implement security controls without disrupting active services.
- Maintain proper documentation for Organization Policy exemptions, IAM changes, access exceptions, approvals, expiry dates, and remediation plans to ensure audit readiness.
- Support multi-cloud security and governance use cases, especially AWS-to-GCP migration, including workload migration, networking, data access, and secure migration planning.
- Work with Dev Ops teams to secure CI/CD pipelines, Git Hub Actions, Docker images, secrets, and deployment workflows.
- Support security and governance for AI infrastructure on GCP, including Vertex AI, GPU workloads, notebooks, model pipelines, AI service accounts, access controls, and cost-risk monitoring.
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×