A GCP Security Operations Engineer is responsible for detecting, monitoring, analyzing, investigating, and responding to security threats across workloads, endpoints, and infrastructure hosted on Google Cloud. This role ensures enterprise environments remain secure by leveraging Google Cloud's advanced security tools and threat intelligence.
*Please note this is a 6-month renewable contract, working fully remotely for a Singapore-based client.
*Must be able to travel into Singapore occasionally on a fully paid business expense trip.
Job Scope:
- Monitor and analyse security events using Google Cloud Security Command Center and Chronicle Security Operations.
- Write and optimize detection rules for log ingestion and prioritization.
- Automate incident response workflows using orchestration tools.
- Investigate alerts and anomalies, perform root cause analysis and coordinate remediation.
- Conduct vulnerability assessments and penetration testing for GCP workloads.
- Leverage Google Threat Intelligence for proactive threat hunting.
- Identify Indicators of Compromise (IOCs) and apply threat intelligence to improve detection capabilities.
- Implement and maintain compliance policies using SCC.
- Ensure IAM roles, service accounts, and access policies adhere to least privilege principles.
- Configure dashboards for security metrics and KPIs.
- Provide executive-level reporting on security posture and incidents.
Skill sets:
- Mandarin speaking preferred.
- Strong knowledge of Google Cloud security tools (SCC, Chronicle, Mandiant).
- Proficiency in detection engineering, log analysis, and automation scripting (Python, Bash).
- 3+ years in security operations or SOC roles.
- 1+ year hands-on experience with Google Cloud security tooling.
- Google Cloud Professional Security Operations Engineer
- Additional certifications like CISSP or CCSP are a plus.
- Strong analytical and problem-solving abilities.
- Excellent communication for stakeholder engagement.