Foresite CybersecurityRemote
Cloud Security Engineer
United States of America
Full Time
1 day ago
H1B Sponsor Likely
Key skills
PythonGCPGoogle CloudCloud Security
About this role
Foresite Cybersecurity is a mission-driven partner helping organizations navigate complex threat landscapes. They are seeking a Cloud Security Engineer to lead the technical onboarding of customers to GCP Security Command Center and Wiz, ensuring seamless integration of cloud security findings into Google SecOps.
Responsibilities:
- Lead the Integration: Lead the hands-on configuration of GCP SCC and Wiz for new customers, ensuring all high-fidelity security findings are correctly ingested into Google SecOps
- Data Integrity: Ensure technical accuracy in parser creation and UDM mapping to maintain the highest quality of security data
- Custom Logic: Write custom YARA-L detection rules to correlate cloud posture findings with network traffic
- Streamline Response: Develop end-to-end SOAR Playbooks and utilize Python to write logic for custom actions, streamlining the customer's remediation workflows
- Technical Walkthroughs: Lead sessions for customer analysts, teaching them how to navigate SCC/Wiz findings and investigate alerts within the Google SecOps interface
- Troubleshooting: Act as the technical point of contact for resolving integration errors and optimizing automation scripts
Requirements:
- At least 2 years of strong hands-on experience with Google SecOps (Chronicle), specifically in parser creation, UDM mapping, and YARA-L rule writing
- Proven experience configuring GCP SCC and Wiz, with foundational knowledge equivalent to a Google Cloud Associate Cloud Engineer
- Proficient in Python and enjoy using it to solve complex security automation challenges
- Demonstrated ability to manage a customer onboarding from technical kickoff to final handoff without constant senior oversight
- Ability to translate deep technical configurations into actionable insights for customer security teams
- Current Google Cloud Associate Cloud Engineer or professional security certifications
- Experience building complex API integrations between cloud security platforms
- Experience advising customers on cloud security best practices and long-term posture management