Endava Limited
GCP Security Architect
Endava Limited, Dallas, Texas, United States, 75215
Our infrastructure specialists are responsible for designing and implementing back-end services. They ensure reliability, security, and scalability for all platform layers within our solutions. Infrastructure teams provide expertise across virtualization, cloud services, storage solutions, cybersecurity, and scripting and automation.As a GCP Security Architect, you will work on enterprise-level cybersecurity projects, managing and executing cloud security solutions across lifecycle strategy, design, implementation, and operations.You will design, implement, deliver, and maintain security cloud infrastructure on the Google Cloud Platform to ensure that the cloud environment is protected against various security threats and complies with industry standards and regulations.Responsibilities:Implement and maintain a robust enterprise-level cybersecurity framework to ensure the protection and integrity of GCP cloud-based systems.Manage and execute comprehensive cloud security solutions throughout their lifecycle, from strategy and design to implementation and operations.Collaborate with cross-functional teams to support multiple projects, ensuring seamless integration and alignment with business objectives.Provide mentorship and leadership to team members, fostering a culture of continuous learning and professional development.Qualifications
Bachelor's Degree or equivalent experience.Minimum 10 years of relevant experience.Technology, Cloud, and Security expertise.Knowledge of industry standards in the information security/cloud infrastructure area (such as ISO 27000 series, NIST, CSF, and CSA).Deep understanding of security aspects in the implementation and operation of recent cloud technologies (service mesh, microservices, Kubernetes etc.).Experience with GCP (other CSPs i.e. Azure, AWS would be beneficial) and respective cloud-native security services and controls.Experience in designing, implementing, and delivering security for cloud-native, distributed computing, and architectural solutions with a principle of “Secure by Design.”Expertise in generating Threat Models, designing technical security measures for protecting highly sensitive workloads/application.Experience implementing overall security controls, guardrails, and framework for Google Cloud Platform.Setting up of secret management systems (HashiCorp Vault, Secret Manager).Experience in setting up and managing security and controls on Kubernetes, service mesh, and hybrid cloud.Experience in setting up security with CI/CD and associated tools for code scanning, image scanning, etc.Experience to develop policy as code.Review and audit existing setups for security across infrastructure, application, data, and PaaS solutions.Good knowledge of OWASP vulnerabilities.Ability to translate and present complex technological concepts to CxO audience.Experience with performing technical demos & running workshops.Comfortable with Public Speaking/presenting to small and large audiences.
#J-18808-Ljbffr
Bachelor's Degree or equivalent experience.Minimum 10 years of relevant experience.Technology, Cloud, and Security expertise.Knowledge of industry standards in the information security/cloud infrastructure area (such as ISO 27000 series, NIST, CSF, and CSA).Deep understanding of security aspects in the implementation and operation of recent cloud technologies (service mesh, microservices, Kubernetes etc.).Experience with GCP (other CSPs i.e. Azure, AWS would be beneficial) and respective cloud-native security services and controls.Experience in designing, implementing, and delivering security for cloud-native, distributed computing, and architectural solutions with a principle of “Secure by Design.”Expertise in generating Threat Models, designing technical security measures for protecting highly sensitive workloads/application.Experience implementing overall security controls, guardrails, and framework for Google Cloud Platform.Setting up of secret management systems (HashiCorp Vault, Secret Manager).Experience in setting up and managing security and controls on Kubernetes, service mesh, and hybrid cloud.Experience in setting up security with CI/CD and associated tools for code scanning, image scanning, etc.Experience to develop policy as code.Review and audit existing setups for security across infrastructure, application, data, and PaaS solutions.Good knowledge of OWASP vulnerabilities.Ability to translate and present complex technological concepts to CxO audience.Experience with performing technical demos & running workshops.Comfortable with Public Speaking/presenting to small and large audiences.
#J-18808-Ljbffr