GCP Security Sr. Engineer/Architect (Threat Modeling) Position Available In Miami-Dade, Florida
Tallo's Job Summary: As a GCP Security Sr. Engineer/Architect (Threat Modeling), you will focus on Security Architecture and Threat Modeling for Public Cloud Providers. Essential qualifications include 8+ years of tech experience, proficiency in GCP, knowledge of security principles, and familiarity with threat modeling methodologies. Strong problem-solving skills, communication abilities, and collaboration are key. Professional Security Certifications and relevant GCP certifications are highly desirable.
Job Description
GCP Security Sr. Engineer/Architect (Threat Modeling)
Job ID:
2025-915992911 Grand Avenue Miami Florida 33133 United StatesOthers
Apply now
Job Description Job Description As a Senior Engineer – Threat Modeling you will be a part of a smart cross-functional team delivering digital business transformation solutions to our clients. This position entails an individual contributor role focused on Security Architecture and Threat Modeling, encompassing governance, evaluation of public cloud services, and conducting security reviews for Public Cloud Providers. Collaboration and partnership with Engineering, Information Security, Program Management, and Development teams are essential. The candidate will conduct technical architecture reviews to pinpoint security opportunities, identify exploitable threats, and propose mitigation strategies. Qualifications Qualifications We are seeking an ideal candidate with 8+ years of experience in a range of technologies and processes including: Proficiency in GCP – essential
Strong knowledge of security architecture principles, frameworks, and best practices
Experience working with threat modeling methodologies such as
MITRE ATT&CK, STRIDE, PASTA
etc.
Overall experience in
Cybersecurity:
5+ years
Security practices encompassing authentication, authorization, logging/monitoring, encryption, infrastructure security, and network/segmentation
Knowledge of Rest API
Knowledge in scripting languages and Infrastructure as Code (Terraform, CloudFormation)
Familiarity with Jira or other ticketing systems – essential
Technical architecture design and review skills – essential
Ability to identify vulnerabilities using CWE or OWASP
Knowledge of operating systems and their hardening techniques
Understanding of development concepts such as CICD, Pipelines, and SDLC
Penetration testing knowledge is also super useful
Familiarity with Cloud Development Kit (CDK) and GitOps
Experience operating in a DevOps/agile team environment
Understanding of docker, Kubernetes, serverless architecture, and Helm
Exposure to platforms like Snowflake, MongoDB, Terraform Cloud, GitHub, and Databricks
Strong analytical skills, diligence, and attention to detail
Willingness to conduct research using vendor documentation
Capability to create and maintain high-quality documentation
Possession of an adversary mindset
Continuous learning attitude towards new technologies and methodologies
Strong problem-solving skills
Excellent communication and collaboration abilities
Ability to build and nurture relationships across cross-functional teams
Set Yourself Apart With:
Professional Security Certifications:
CISSP, CCSP, CISA, CISM, ITIL
Relevant GCP certifications are highly desirable: GCP Professional Cloud Architect, GCP Professional Cloud Security Engineer.
Strong knowledge of industry standards as they relate to Cloud and Application security management to include ISO, NIST, and Cloud Security Alliance (CSA)
Hands-on-experience with cloud security designs on GCP
Experience working in regulated environments
Exposure to agile development, DevOps, SecOps and scrum teams
Experience with another CSP provider: AWS, Azure
Development experience (python, Node)
Strong desire to learn and contribute solutions and ideas to broader team
