Cloud Security Engineer

Role: Cloud Security EngineerLocation: Louisville, KYDuration: ContractVisa : USC & GC only on W2Job Description:Role Descriptions: We are seeking an experienced Cloud Security Engineer to design, implement, and manage cloud network security controls in GCP. The role focuses on Infrastructure-as-Code (IaC) delivery using Terraform, integrated into Azure DevOps Pipelines and GitHub Actions. The ideal candidate is a subject matter expert (SME) who can build secure, automated solutions from the ground up using Terraform, while documenting and transferring knowledge to internal teams. This role requires the ability to balance planned project execution within agile methodologies with rapid incident response (P0–P3) in a dynamic, fast-paced environment.Responsibilities· Design, implement, and manage cloud-native network security controls in GCP, including:o GCP VPC Service Controls (VPC-SC)o GCP Cloud Armor (DDoS/WAF protection)o GCP Cloud Next-Gen Firewall (NGFW Enterprise) with IPS/IDSo Zscaler Cloud Connector· Develop, maintain, and scale Terraform-based Infrastructure-as-Code modules for cloud infrastructure and security policies.· Build, enhance, and manage CI/CD automation using Azure DevOps Pipelines and GitHub Actions.· Author clear documentation, runbooks, and deliver knowledge transfers and training to operational and engineering teams.· Collaborate cross-functionally with cloud, security, and development teams to ensure secure, scalable solutions.· Participate in agile ceremonies for planned project work and provide rapid incident response during P0–P3 security/networking events.· Collaborate with security, network, and application teams to enforce security best practices.· Automate infrastructure provisioning and deployment using Infrastructure as Code (IaC).· Monitor and optimize cloud security posture and performance.· Troubleshoot and resolve issues related to networking, security policies, and connectivity.· Ensure compliance with enterprise security standards and governance policies.· Participate in design reviews, risk assessments, and incident response activities.Required Qualifications· Work must be performed within the United States (onshore only; no offshore work permitted).· 5+ years of hands-on experience as a Cloud Engineer or Cloud Security Engineer.· 3+ years of hands-on experience with GCP network security services, including VPC Service Controls (VPC-SC), Cloud Armor, and NGFW with IPS/IDS.· Strong expertise in Terraform (designing reusable modules, managing state, enterprise workflows).· Proficiency in CI/CD tools: Azure DevOps Pipelines and GitHub Actions.· Scripting proficiency (PowerShell, Bash, or Python) for automation and troubleshooting.· Demonstrated experience documenting technical solutions, producing clear runbooks, and performing knowledge transfers to enable operational adoption.· Strong troubleshooting and incident response skills in cloud environments.Preferred Qualifications· Experience integrating AI/ML and agentic platforms (e.g., Anthropic Claude or similar) into DevOps pipelines to automate processes, improve operational efficiency, and accelerate delivery timelines.· Experience with additional CI/CD platforms (e.g., GitLab CI, Jenkins, CircleCI) and configuration management tools (e.g., Ansible).· Relevant certifications:o Cloud Security / Architecture: Google Professional Cloud Security Engineer or Google Professional Cloud Architecto IaC / DevOps: HashiCorp Certified: Terraform Associate or Azure DevOps Engineer Expert