Listing Description

Location

This role is based remotely in our NEMEA team and can be based in the Netherlands, Germany, Estonia, Sweden or Switzerland.

Who We Are

We enable greatness through the cloud.  We thrive on working with fast growing companies around the world to solve both essential and advanced cloud challenges.  DoiT provides intelligent technology that simplifies and automates cloud usage, alongside expert consultancy and unlimited technical support, all at no extra cost to our customers.  Join our mission where you’ll work remotely with a committed, experienced, and global team in a collaborative and supportive culture.  We are an award-winning strategic partner of Google Cloud and AWS, we provide intelligent technology, expert consultancy and unlimited technical support for customers across more than 70 countries.

The Opportunity

We are seeking a highly skilled and experienced GCP Security Cloud Architect to join our team. As a GCP Security Cloud Architect, you will contribute to our customer's journey on evaluating, designing, developing and maintaining their cloud infrastructure on the GCP platform. You will work closely with cross-functional teams to ensure that the infrastructure is optimized for performance, cost, and security.

Responsibilities

• Working knowledge of GCP security services and features to provide a secure production environment and an understanding of security operations and risks


• Knowledge of the GCP shared responsibility and shared fate models and their application; security controls for all kinds of workloads on GCP; logging and monitoring strategies; cloud security threat models; patch management and security automation; ways to enhance GCP security services with third-party tools and services; and disaster recovery controls, including Business Continuity Plans (BCP) and backups, encryption, access control, and data retention


• Understanding of GCP data protection mechanisms, data-encryption methods and mechanisms to implement them; secure network protocols and GCP mechanisms to implement them


• Ability to make tradeoff decisions with regard to cost, security, and deployment complexity to meet a set of application requirements


• Knowledge in GCP Security services such as IAM, GCP Security Command Center, GCP Workload Identity Federation, GCP Workforce Identity Federation, GCP Cloud Logging, GCP Cloud Monitoring, and more.


• Experience troubleshooting Linux machines (e.g., system resource management, storage and file systems, network configuration, and so on)


• Experience collaborating with developers and platform engineers, contributing to architecture and continuously optimizing infrastructure to remove bottlenecks and improve automation

Qualifications

• The expertise to engineer, develop, and troubleshoot large production-grade distributed systems on Google Cloud Platform, and select the appropriate tools to tackle business problems at the right scale


• Experience configuring access within a GCP organization environment using services such as:




• Super Admin Accounts management best practices


• Defining a scalable and secure resource hierarchy in GCP


• IAM Service Accounts management best practices


• Third-party Identity Providers federation (SSO) through GCP Cloud Identity (Knowledge of SAML, OIDC, ADFS, GCDS a plus)




• Experience designing GCP network security with a focus on security with services such as Cloud Identity Aware Proxy (IAP), Cloud DNS, Cloud Armor and Beyond Corp Enterprise


• Experience ensuring data protection with services such as GCP Secret Manager, CMEK, CSEK, and EKM


• Familiarity with configuring and monitoring Security Command Center (Security Health Analytics, Event Threat Detection, Container Threat Detection, Web Security Scanner)


• Experience ensuring compliance and regulatory requirements for GCP

Bonus Points 

• Google Cloud Certified Professional Cloud Architect 


• Google Cloud Certified Security Engineer


• Google Cloud Certified Network Engineer


• Familiarity with machine and human authentication protocols such as 2 or 3-legged OAuth and their respective authentication flows, mutual TLS, … a plus.

Are you a Do’er?

Be your truest self. Work on your terms. Make a difference. 

We are home to a global team of incredible talent who work remotely and have the flexibility to have a schedule that balances your work and home life. We embrace and support leveling up your skills professionally and personally.  

What does being a Do’er mean? We’re all about being entrepreneurial, pursuing knowledge and having fun! Click here to learn more about our core values. 

Sounds too good to be true? Check out our Glassdoor Page

We thought so too, but we’re here and happy we hit that ‘apply’ button. 

• Unlimited PTO


• Flexible Working Options


• Health Insurance


• Parental Leave


• Employee Stock Option Plan


• Home Office Allowance


• Professional Development Stipend 


• Peer Recognition Program

#LI-Remote