Staff Cloud Security Consultant
Los Angeles, CA, USA or Remote - 5 months ago
Join SADA as a Staff Cloud Security Consultant!
As a Staff Cloud Security Consultant (Staff CSC) at SADA, you will help organizations architect and implement secure infrastructures on Google Cloud Platform. Through an understanding of Google Cloud security best practices and industry security requirements, you will help our clients design, develop and manage a mature security infrastructure leveraging Google Cloud security technologies.
You are proficient in all aspects of Google Cloud Security including managing identity and access management, defining organizational structure and policies, using Google Cloud technologies to provide data protection, configuring network security defenses, collecting and analyzing Google Cloud Platform logs, managing incident response processes and understanding regulatory concerns. You will lead in assessing and remediating security gaps in large enterprises, providing both prescriptive recommendations to improve as well as lead hands-on-keyboard work implementing your recommendations. You will work side-by-side with client teams that rely on you as a trusted advisor to lead them through implementing the security recommendations you make.
Our Staff CSCs firmly believe that using infrastructure-as-code to implement security controls is the best approach for scaling security in Google Cloud. You should have a deep, passionate interest in cybersecurity and be willing to dive deep, working towards client solutions in security areas that are rapidly changing. You must be able to work independently without oversight while leading clients and junior team members. You will be the lead in client-facing discussions as a cloud security SME and must be able to answer challenging security questions from clients using GCP. Our Staff CSC roles combine leadership, mentoring, and consulting with hands-on work to drive successful outcomes for our clients.
Pathway to Success
#MakeThemRave is at the foundation of all our engineering. Our goal is to provide customers with an exceptional experience in maturing the security of their Google Cloud Platform environments.
Your success comes from your enthusiasm, insight, and positive impact. You will be given direct feedback quarterly with respect to the scope and quality of your contributions, your ability to estimate accurately, customer feedback at the close of projects, your collaboration with your peers, and the consultative skill you demonstrate in customer interactions.
As you continue to execute successfully, we will build a personalized development plan together that leads you through the Staff CSC growth tracks.
- Required Travel - none. This is a remote position. You should have great remote work discipline. This could change in the future, but we see remote work as the future and have embraced it at SADA.
- Customer Facing - You will interact with customers on a regular basis, sometimes daily, other times weekly/bi-weekly. You can expect to interact with a range of customer stakeholders, including engineers, technical project managers, and executives.
- Training - Ongoing with first-week orientation followed by a 30-day onboarding schedule. Due to the COVID-19 pandemic, all onboarding will be temporarily conducted remotely.
- You should already have your Google Professional Cloud Security Engineer certification before starting.
- At least one common security certification such as GSEC, CEH, CISSP, CCSP, or CCSK.
- You must have at least 2 years of experience helping customers make decisions to achieve complex security outcomes in Google Cloud.
- Strong comprehension of GCP security services working hands-on-keyboard (“HOK”).
- Experience implementing and managing identity solutions: MFA/2SV, SAML, OAuth.
- Direct experience architecting serverless and containerized workloads using security best practices for Kubernetes clusters.
- Experience architecting solutions for immutable infrastructure-as-code using tools like Deployment Manager, Terraform, Ansible, Chef, Puppet, Salt, and Packer.
- Experience implementing DevSecOps pipelines, providing cloud security guardrails with tools such as Terraform Validator or Chef Inspec.
- Previous leadership roles in Incident Response, post-breach forensics, implementing security benchmarks, integrating SIEM tools, automating responses with SOAR tools, and threat hunting through logging systems.
- Previous experience conducting GCP Security Assessments or security engagement work for huge enterprise client environments (more than 30k GCP projects).
- Experience working with multiple compliance and privacy frameworks (FedRAMP, PCI-DSS, FIPS, CCPA, HIPAA, GDPR, etc…).
- Knowledge and understanding of security industry trends and new technologies and the ability to apply learnings in an evolving cloud security threat landscape.
- Proven experience and understanding of security principles across infrastructure platforms, data layers, integration points, and application layers.
- Previous red team experience in GCP environments using attack methodologies like resource enumeration, bucket scanning, IP spoofing, SQL injection, ransomware, malware, and phishing.
- A strong dislike of “Security Theatre”.
Values: We built our core values on themes that internally compel us to deliver our best to our partners, our customers and to each other. Ensuring a diverse and inclusive workplace where we learn from each other is core to SADA’s values. We welcome people of different backgrounds, experiences, abilities, and perspectives. We are an equal opportunity employer.
- Make them rave
- Be data-driven
- Be one step ahead
- Be a change agent
- Do the right thing
Work with the best: SADA has been the largest partner in North America for GCP since 2016 and has been named the 2019 and 2018 Google Cloud Global Partner of the Year. SADA has also been awarded Best Place to Work year after year by the Business Intelligence Group, Inc. Magazine, as well as LA Business Journal!
Benefits: Unlimited PTO, Paid Parental Leave, competitive and attractive compensation, performance-based bonuses, paid holidays, rich medical, dental, vision plans, life, short and long-term disability insurance, 401K/RRSP with match, professional development reimbursement program as well as Google Certified training programs.
Business Performance: SADA has been named to the INC 5000 Fastest-Growing Private Companies list for 12 years in a row garnering Honoree status. CRN has also named SADA on the Top 500 Global Solutions Providers for the past 5 years. The overall culture continues to evolve with engineering at its core: 3200+ projects completed, 3000+ customers served, 10K+ workloads and 25M+ users migrated to the cloud.