Senior Cloud Security Engineer

We are looking for a Senior Cloud Security Engineer to join our Security team in Stockholm, Sweden. As a key member, you will focus on maintaining high security standards for our critical systems within Google Cloud Platform (GCP). You will design, implement, and manage robust security measures, ensuring the resilience and integrity of Truecaller's platform.

Responsibilities:

• Design and Secure GCP Infrastructure: Lead the design, implementation, and management of security architectures and controls specifically for our GCP infrastructure (networking, compute, storage, GKE).
• Secure Infrastructure-as-Code (IaC): Develop, implement, and enforce security best practices within our IaC (Config Connector) workflows and CI/CD pipelines to prevent vulnerabilities proactively.
• Manage GCP Security Posture: Utilize GCP-native tools (e.g., Security Command Center, Cloud Armor, VPC Service Controls, IAM) to continuously monitor, assess, and improve the security posture of our cloud environment.
• Lead Infrastructure Vulnerability Management: Drive the identification, assessment, and remediation of security vulnerabilities specifically within GCP infrastructure components and configurations.
• Implement Network Security Controls: Design, configure, and manage GCP network security controls, including firewall rules, VPC configurations, network segmentation, and load balancing.
• Enhance Container & Kubernetes Security: Implement and manage security best practices for our containerized environments and Google Kubernetes Engine (GKE) deployments throughout the lifecycle.
• Automate Security Operations: Develop and maintain automation scripts (using Python, Bash, Go, etc.) to streamline security monitoring, alerting, and response tasks within GCP.
• Collaborate and Provide Guidance: Partner with our infrastructure, and development teams to embed security into their workflows and provide expert guidance on secure infrastructure design and practices.

Requirements:

• Bachelor’s degree in Computer Science, Information Security, or a related field.
• Several years of hands-on experience in a senior engineering role focused specifically on infrastructure security.
• Proven, in-depth knowledge and practical experience securing cloud infrastructure, services, and security features (e.g., GKE, VPC, IAM, KMS, Security Command Center, Cloud Armor, or other hyperscalers similar services, or equivalent services offered by other hyperscale cloud providers).
• Strong experience writing and securing IaC deployments.
• Solid understanding and practical application of cloud network security principles (VPC, firewalls, segmentation).
• Demonstrated expertise in securing Docker containers and Kubernetes deployments.
• Proficiency in scripting languages such as Python, Bash, or Go for security automation.
• Excellent analytical and problem-solving skills applied to complex infrastructure security challenges.
• Strong ability to communicate technical security concepts clearly to both technical and non-technical stakeholders.
• Experience integrating security into CI/CD pipelines and infrastructure development workflows.

Benefits:

• Competitive salary
• 30 days of paid vacation
• Flexible working hours
• Private health insurance
• Parental leave top-up
• Pension contribution
• Udemy membership
• Free gym membership
• Great tech tools
• Office perks include snacks, beverages, playroom, and team activities.