Senior Cloud Security Engineer

We are seeking a highly experienced Senior GCP Cloud Security Engineer to own and enforce the security posture of our Google Cloud environment. Embedded within our DevOps function, you will act as the technical authority for cloud security across our GCP organization. You will design and enforce IAM governance, harden network and API boundaries, operationalise security monitoring, and embed security controls into infrastructure and CI/CD workflows.

What You’ll Do

● Own and continuously improve the cloud security posture across our GCP organisation.

● Design and enforce least-privilege IAM/RBAC models at organisation level

● Secure VPC networking, firewall policies, private connectivity, and perimeter protections including Cloud Armor.

● Strengthen API gateway security (Apigee or equivalent) and service-to-service authentication patterns.

● Operationalise Security Command Center and drive structured remediation of high-risk findings.

● Embed security controls into CI/CD pipelines, integrating SAST, DAST, dependency, container, and secret scanning.

● Define and enforce secure Infrastructure as Code standards using Terraform and policy-as-code guardrails.

● Prevent configuration drift and enforce secure deployment patterns across environments.

● Support audit readiness, governance initiatives, and regulatory compliance requirements.

● Participate in incident response and drive post-incident security improvements.

What We’re Looking For

● 5+ years of experience in Cloud Security, Platform Security, or DevSecOps within production environments.

● Deep, hands-on experience securing multi-project environments on Google Cloud Platform.

● Strong expertise in IAM design, access governance, and role inheritance modeling.

● Advanced understanding of VPC networking, firewall rules, private connectivity, and Zero Trust architecture.

● Experience with cloud security posture management tools such as Security Command Center, Cloud Armor.

● Experience securing API gateways (Apigee preferred) and modern cloud-native architectures.

● Strong Terraform and Infrastructure as Code experience with embedded security controls.

● Proven ability to integrate security controls into CI/CD pipelines and engineering workflows.

● Experience securing containerized and/or serverless workloads (Docker, Kubernetes, Cloud Run).

● Solid understanding of application security principles (OWASP Top 10, secure coding practices).

● Strong scripting and automation skills (Bash, Python).

● Experience operating within regulated or compliance-driven environments is advantageous.

What We Offer

● A high-impact role protecting technology that powers financial inclusion across Africa.

● The opportunity to define and enforce cloud security standards in a fast-scaling fintech.

● A collaborative, high-caliber engineering culture.

● Exposure to modern cloud-native architectures and real-world security challenges at scale.

Certifications

● Google Professional Cloud Security Engineer (strongly preferred).

● Additional Google Professional certifications (Cloud Architect or DevOps Engineer) are advantageous.

● Industry certifications such as CISSP or CCSP are a plus.