GCP Cloud Security SME

Job Description: We are seeking an experienced Cloud Security Engineer to design, implement, and manage cloud network security controls in GCP. The role focuses on Infrastructure-as-Code (IaC) delivery using Terraform, integrated into Azure DevOps Pipelines and GitHub Actions.

The ideal candidate is a subject matter expert (SME) who can build secure, automated solutions from the ground up using Terraform, while documenting and transferring knowledge to internal teams. This role requires the ability to balance planned project execution within agile methodologies with rapid incident response (P0-P3) in a dynamic, fast-paced environment.

Responsibilities

· Design, implement, and manage cloud-native network security controls in GCP, including:

o GCP VPC Service Controls (VPC-SC)

o GCP Cloud Armor (DDoS/WAF protection)

o GCP Cloud Next-Gen Firewall (NGFW Enterprise) with IPS/IDS

o Zscaler Cloud Connector

· Develop, maintain, and scale Terraform-based Infrastructure-as-Code modules for cloud infrastructure and security policies.

· Build, enhance, and manage CI/CD automation using Azure DevOps Pipelines and GitHub Actions.

· Author clear documentation, runbooks, and deliver knowledge transfers and training to operational and engineering teams.

· Collaborate cross-functionally with cloud, security, and development teams to ensure secure, scalable solutions.

· Participate in agile ceremonies for planned project work and provide rapid incident response during P0-P3 security/networking events.

Applicants must be authorized to work in the US without sponsorship. Please note, this role is not able to offer visa transfer or sponsorship now or in the future., · 5+ years of hands-on experience as a Cloud Engineer or Cloud Security Engineer.

· 3+ years of hands-on experience with GCP network security services, including VPC Service Controls (VPC-SC), Cloud Armor, and NGFW with IPS/IDS.

· Strong expertise in Terraform (designing reusable modules, managing state, enterprise workflows).

· Proficiency in CI/CD tools: Azure DevOps Pipelines and GitHub Actions.

· Scripting proficiency (PowerShell, Bash, or Python) for automation and troubleshooting.

· Demonstrated experience documenting technical solutions, producing clear runbooks, and performing knowledge transfers to enable operational adoption.

· Strong troubleshooting and incident response skills in cloud environments.

Preferred Qualifications

· Experience integrating AI/ML and agentic platforms (e.g., Anthropic Claude or similar) into DevOps pipelines to automate processes, improve operational efficiency, and accelerate delivery timelines.

· Experience with additional CI/CD platforms (e.g., GitLab CI, Jenkins, CircleCI) and configuration management tools (e.g., Ansible).

· Relevant certifications:

o Cloud Security / Architecture : Google Professional Cloud Security Engineer or Google Professional Cloud Architect

· The annual salary for this position is between $122,000- $128,000 depending on experience and other qualifications of the successful candidate.

· This position is also eligible for Cognizant's discretionary annual incentive program, based on performance and subject to the terms of Cognizant's applicable plans.

·

· Benefits: Cognizant offers the following benefits for this position, subject to applicable eligibility requirements:

· · Medical/Dental/Vision/Life Insurance

· · Paid holidays plus Paid Time Off

· · 401(k) plan and contributions

· · Long-term/Short-term Disability

· · Paid Parental Leave

· · Employee Stock Purchase Plan

Disclaimer: The salary, other compensation, and benefits information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.