[Remote] GCP Cloud Analyst/Developer

Note: The job is a remote job and is open to candidates in USA. PeakIT is looking for a Senior GCP Cloud Analyst/Developer to evaluate GCP services and implement security controls. This role involves developing Policy as Code to ensure secure cloud adoption while collaborating with various teams to manage the service-enablement lifecycle.

Responsibilities

• Evaluate GCP cloud services to identify security control requirements and document them in standard service enablement workbooks
• Work independently in a dedicated service analysis/development team to deliver secure GCP services to users as quickly as possible
• Present service enablement workbooks to the Cloud Standards Board (CSB) for review
• Address expert panel inquiries to secure service approval, information requests, or risk escalations
• Collaborate with threat modelers to identify risks for specific GCP services
• Present findings to the Threat Model Review (TMR) board and integrate identified mitigations into the final service control set
• Write/develop code for automated security controls to secure GCP services
• Code control, response and remediation scripts using Python and Terraform
• Build Infrastructure as Code (IaC) modules to deploy approved controls across GCP commercial and government landing zones
• Manage all control logic, configuration files, and documentation within Git repositories, following standard branching, pull and merge request workflows
• Coordinate with the CSB core team and the PaC team to align automated enforcement with organizational policy and validation standards
• Serve as a Subject Matter Expert (SME) for internal teams regarding GCP architecture and service capabilities
• Perform ad hoc technical research to resolve complex queries about emerging cloud features

Skills

• Expertise in Python, JSON, and Terraform for cloud security control automation
• Knowledge of various automated control types: Preventative, Proactive, Detective, Reactive, etc., and GCP Service Control Policies
• Experience with Git repository management and CI/CD (Continuous Integration/Continuous Deployment) concepts
• Strong understanding of GCP Cloud Architecture and core service security (e.g., IAM, VPC, KMS)
• Experience presenting and defending technical analysis to expert panels or formal committees
• GCP certifications (e.g., Associate Cloud Engineer, Professional Cloud Architect, Professional Cloud Developer, Professional Cloud Security Engineer, Professional Machine Learning Engineer)
• Experience developing custom GCP service security controls
• Experience in Governance, Risk, and Compliance (GRC) or Policy-as-Code frameworks

Company Overview