Architect and implement security solutions for GCP-hosted microservices, APIs, containers, and serverless workloads
Lead secure-by-design initiatives across the SDLC, including threat modeling, risk assessments, and architectural reviews
Produce and review Architecture Decision Records (ADRs)
Collaborate with software engineers, DevOps, security, and cloud architects to align on best practices
Define and promote secure coding standards and CI/CD security pipelines (Jenkins, GitHub, GitHub Actions)
Integrate and manage security tools: SAST, DAST, SCA, IaC scanning, secret detection
Develop reusable security design patterns and reference architectures
Stay current on GCP security features and recommend adoption
Support incident response and forensic investigations
Guide remediation of vulnerabilities and architectural flaws
Serve as SME for audits, governance, and compliance
Conduct architectural reviews to ensure alignment with enterprise standards
Drive innovation through rapid POCs and emerging security technologies
Mentor engineering teams and contribute to enterprise-wide security strategy
Communicate security strategies and risks to senior leadership
7+ years in application security, secure software engineering, or security architecture
3+ years of hands-on experience with GCP services (IAM, Cloud Run, GKE, Cloud Functions, VPCs, Cloud Armor)
Deep understanding of GCP infrastructure, cloud-native design patterns, and SSDLC
Experience with CI/CD security controls and tools
Proficiency in Python, Java, Go, or Node.js
Familiarity with OWASP Top 10, SANS CWE Top 25, STRIDE
Strong communication skills for technical and executive audiences
Company Overview: ERP Savvy, Americas IT Recruitment Partner, is an IT consulting and staffing company specialized in SAP services. With over 300K IT connections in our network, we are committed to providing high-quality services and solutions, building long-term partnerships, and offering competitive pricing. We focus on design, hiring, and placement to meet our clients' needs.