Project Overview & Business Challenge

• Company Introduction: We are a software development company that uses GCP for a significant part of our infrastructure, including a Kubernetes cluster and various databases.
• The Challenge: Our GCP environment has been set up with basic configurations, and we are concerned about potential security vulnerabilities and lack of compliance. We need a professional to review our current setup, implement security best practices, and improve the overall management of our cloud resources.
• Objective: To conduct a security audit of our GCP environment, harden our infrastructure, and provide expert guidance on how to maintain a secure and compliant cloud presence.

Detailed Job Description & Responsibilities

• Core Tasks:
• Audit the GCP environment, with a focus on IAM roles, VPC network configuration, and security groups.
• Assess the security of our Kubernetes Engine (GKE) cluster and container images.
• Implement security policies and controls to prevent unauthorized access.
• Configure logging and monitoring for security events using GCP tools.
• Provide recommendations and implement best practices for data protection and encryption.
• Develop a plan for ongoing security management and incident response.

Required Skills & Qualifications

• Technical Expertise:
  • Extensive experience with Google Cloud Platform services (IAM, GKE, VPC, Cloud Armor, Stackdriver).
  • Proven track record in cloud security, specifically with GCP.
  • Experience with containerization and Kubernetes.
  • Knowledge of scripting and automation (e.g., Terraform, Ansible).
  • GCP Professional Cloud Security Engineer or Cloud Architect certification is highly preferred.
• Soft Skills:
  • Detail-oriented with a strong focus on security and compliance.
  • Excellent problem-solving and documentation skills.
  • Strong communication skills to collaborate with our internal team.

Deliverables

• Tangible Outputs:
  • A detailed GCP security audit report.
  • A documented plan for implementing security fixes and best practices.
  • Implementation of approved security and configuration changes.
  • A final report with a roadmap for ongoing security maintenance.

Timeline & Budget

• Timeline: Project is expected to be completed within 25-40 days.

How to Apply

• Instructions:
  • Submit a cover letter outlining your experience with GCP security and infrastructure.
  • Provide a portfolio or examples of previous work.
  • State your desired compensation for this project.

Skills

• Technical: GCP, GKE, IAM, VPC, Cloud Security, Kubernetes, Terraform, Stackdriver.
• Soft: Problem-solving, Attention to detail, Communication, Documentation.