GCP Security

GCP Security & DevOps Engineer (Remote, Latin America)

Remote - US | Contract

Our client is a fast-growing health-tech organization operating in a regulated environment and handling sensitive patient data. Following a formal security assessment, they now need a hands-on GCP Security & DevOps Engineer to implement, operate, and maintain security controls across Google Cloud Platform (GCP) and related systems.

This is a long-term, fully remote contract opportunity. Candidates must be based in Latin America. Strong English communication skills (B2+ or higher) are required.

Responsibilities Administer GCP security & privileged access:

Enforce MFA and strong authentication, manage and harden admin roles and privileges, and maintain secure access patterns across GCP and connected systems based on documented policies (least privilege, separation of duties, and clean admin hygiene).

Identity, user & access administration (GCP + key systems):

Handle day-to-day user lifecycle tasks (provisioning, changes, deprovisioning), role/group-based access, periodic access reviews, and permissions hygiene across GCP and a small set of critical SaaS tools.

Security monitoring, logging & response:

Review, triage, and tune alerts from security monitoring tools and cloud logs; investigate suspicious activity, escalate issues as needed, and reduce noise through better configuration and detection tuning.

Cloud posture & configuration hygiene:

Implement and maintain operational security configuration standards (e.g., stronger admin account controls, consistent guardrails), keep an up-to-date inventory of cloud services in use, and close gaps found during reviews.

Maintain endpoint & device security baselines (in partnership with IT):

Work with IT and vendors to ensure baseline policies are enforced on laptops and workstations (EDR/AV, disk encryption, configuration management) and that devices remain compliant with agreed standards.

Documentation & audit support:

Keep configurations, admin runbooks, change logs, and exception lists up to date. Provide technical evidence for audits and security reviews, and ensure that implemented controls align with documented policies.

Experience & Technical Requirements

5+ years in security engineering, cloud security, systems administration, or SecOps with a strong focus on implementation and operations.

Strong hands-on GCP security experience (IAM/privileged access, operational hardening, cloud logging/monitoring, and security control implementation).

Experience running access reviews, cleaning up permissions, and maintaining tight admin/account hygiene.

Solid experience with security monitoring + incident triage (including tuning detections/alerts).

Experience automating or streamlining admin/security tasks using APIs and scripting (e.g., Python, PowerShell, or similar).

Experience working in regulated or sensitive environments (ideally healthcare / health-tech / PHI or similarly regulated sectors).

Demonstrated ability to take a security roadmap or policy set and turn it into stable configurations and repeatable operating routines.

Comfortable operating with a high degree of autonomy: propose practical solutions, improve existing configurations, and implement changes end-to-end.

Nice-to-Have

Google Workspace administration experience (security posture, admin controls, sharing configuration). Willingness and ability to learn quickly is acceptable.

Email security fundamentals (e.g., SPF/DKIM/DMARC concepts, advanced filtering/quarantine approaches, high-risk mailbox protections).

Experience evaluating or integrating SIEM / centralized monitoring and onboarding additional log sources.

Infrastructure-as-Code exposure (e.g., Terraform) and/or CI/CD practices that support repeatable security changes.

Background in securing BYOD and mobile devices, including MDM or app-level protections.

Experience strengthening backup/DR readiness, including participating in recovery testing.

Exposure to phishing simulations/security awareness operations and structured incident/exception tracking.

Google Professional certifications.

Security / Governance certifications such as CISSP, CISM, CCSP, HCISPP, Security+, or GIAC (GSEC, GCWN, GMON).

Of Note

You must maintain a secure, private workspace with reliable internet; a company-issued laptop and/or additional endpoint controls may be required.

HIPAA and security/privacy training will be required before your start date.

Completed background checks will be required if selected.

We appreciate your interest and will carefully review all applications. Due to high volume, individual feedback may not always be possible.