Security/DevSecOps Engineer

Turing is seeking a highly motivated and experienced Security / DevSecOps Engineer to focus on cloud infrastructure security, monitoring, and threat detection. This critical role involves ensuring the security and compliance of Turing's cloud environment by actively identifying, analyzing, and responding to security threats. The engineer will also design and operate automated security controls within Google Cloud Platform (GCP), collaborating with engineering teams to integrate security into new infrastructure deployments and CI/CD pipelines.

Must Have

• 5+ years in cloud or infrastructure security engineering, security operations, or similar role
• 3+ years hands-on with Google Cloud Platform (GCP)
• Demonstrable experience securing cloud environments, strong preference for GCP
• Expertise in Infrastructure-as-Code (IaC) tools such as Terraform or Cloud Deployment Manager
• Strong practical experience with CI/CD tools (e.g., Jenkins, GitHub, Cloud Build) and integrating security testing into these pipelines
• Proficiency in scripting or programming (e.g., Python, Go, Shell) for automation of security tasks and workflows
• Deep understanding of core infrastructure security concepts, including patch management, vulnerability assessment, and backup/recovery procedures
• Strong understanding of network security principles, including firewalls, load balancers, and segmentation in a cloud environment
• Demonstrated ability to perform security event analysis, triage, and incident response

Good to Have

• Relevant industry certifications (e.g., Google Cloud Professional Cloud Security Engineer, CISSP, CCSP)
• Experience with automated configuration management tools like Ansible, Chef, or Puppet
• Familiarity with security frameworks (e.g., NIST, ISO 27001, CIS Benchmarks)
• Experience with container security (Docker, Kubernetes/GKE)
• Advanced GCP controls: Organization Policies, VPC Service Controls, Access Context Manager, Binary Authorization
• Experience with SIEM or observability tools; building infra-security detections and dashboards

Perks & Benefits

• Amazing work culture (Super collaborative & supportive work environment; 5 days a week)
• Awesome colleagues (Surround yourself with top talent from Meta, Google, LinkedIn etc. as well as people with deep startup experience)
• Competitive compensation
• Flexible working hours

About the Role

We are seeking a highly motivated and experienced Security / DevSecOps Engineer focused on cloud infrastructure security, monitoring, and threat detection. This role is critical for ensuring the security and compliance of our cloud environment by actively identifying, analyzing, and responding to security threats, as well as designing and operating automated security controls within Google Cloud Platform (GCP).

What You'll Work On

Infrastructure & Platform Security

• Design, implement, and operate automated patch pipelines (e.g., OS Config/Patch Jobs) for Linux/Windows across GCE and GKE nodes for all cloud infrastructure components.
• Define hardened images and golden baselines (OS, container, Kubernetes, network) and enforce via IaC, org policies, and policy-as-code.
• Maintain and audit secure infrastructure configurations (including network security, identity, and access management) based on security best practices and compliance requirements.
• Secure Infrastructure-as-Code (IaC) pipelines and repositories, ensuring security is built-in from the development stage.
• Integrate security controls and testing into CI/CD pipelines to prevent the deployment of vulnerable code or insecure configurations.
• Ensure continuous adherence to internal security benchmarks and external regulatory frameworks.
• Standardize secret management (GCP Secret Manager/KMS), rotation, and break-glass access.
• Implement least-privilege IAM, service accounts/workload identities, and VPC Service Controls where appropriate.
• Collaborate with engineering teams to provide security guidance and ensure new infrastructure deployments meet security standards.

Monitoring, Detection & Incident Response

• Deploy, configure, and continuously tune cloud-native and third-party Intrusion Detection Systems (IDS), specifically Google Cloud IDS, to maximize threat detection efficacy and minimize false positives.
• Proactively monitor security dashboards, logs, and alerts for threats, anomalies, and suspicious activity across our cloud infrastructure.
• Manage and harden network security configurations, including VPC Service Controls, firewall rules, and security groups in GCP, using infrastructure-as-code principles.
• Provide hands-on support for security incident response activities, including initial triage, containment, eradication, and post-incident analysis.
• Ensure the robustness, automation, and regular validation of backup and disaster recovery processes to meet business continuity requirements.
• Develop and maintain automated monitoring and alerting systems to ensure high availability and performance of security tools and critical infrastructure.
• Maintain documentation for all security operational procedures, runbooks, and configurations.

Vulnerability & Compliance

• Support the vulnerability management program by triaging, prioritizing, and coordinating the remediation of infrastructure-related vulnerabilities across GCP.
• Support compliance activities related to internal security standards and external frameworks as required.

What We're Looking For

• 5+ years in cloud or infrastructure security engineering, security operations, or a similar role.
• 3+ years hands-on with Google Cloud Platform (GCP).
• Demonstrable experience securing cloud environments, with a strong preference for GCP.
• Expertise in Infrastructure-as-Code (IaC) tools such as Terraform or Cloud Deployment Manager.
• Strong practical experience with CI/CD tools (e.g., Jenkins, GitHub, Cloud Build) and integrating security testing into these pipelines.
• Proficiency in scripting or programming (e.g., Python, Go, Shell) for automation of security tasks and workflows.
• Deep understanding of core infrastructure security concepts, including patch management, vulnerability assessment, and backup/recovery procedures.
• Strong understanding of network security principles, including firewalls, load balancers, and segmentation in a cloud environment.
• Demonstrated ability to perform security event analysis, triage, and incident response.

Bonus Points

• Relevant industry certifications (e.g., Google Cloud Professional Cloud Security Engineer, CISSP, CCSP).
• Experience with automated configuration management tools like Ansible, Chef, or Puppet.
• Familiarity with security frameworks (e.g., NIST, ISO 27001, CIS Benchmarks).
• Experience with container security (Docker, Kubernetes/GKE).
• Advanced GCP controls: Organization Policies, VPC Service Controls, Access Context Manager, Binary Authorization.
• Experience with SIEM or observability tools; building infra-security detections and dashboards.

Values:

• We are client first: We put our clients at the center of everything we do, because their success is the ultimate measure of our value.
• We work at Start-Up Speed: We move fast, stay agile and favor action because momentum is the foundation of perfection
• We are Al forward: We help our clients build the future of Al and implement it in our own roles and workflow to amplify productivity.

Advantages of joining Turing:

• Amazing work culture (Super collaborative & supportive work environment; 5 days a week)
• Awesome colleagues (Surround yourself with top talent from Meta, Google, LinkedIn etc. as well as people with deep startup experience)
• Competitive compensation
• Flexible working hours