9D Technologies & ImaginationAI are at the forefront of app publishing, delivering innovative and engaging mobile experiences to users around the globe.
Our mission is to create extraordinary digital experiences that captivate and entertain, and we are committed to pushing the boundaries of creativity and technology.
Key Responsibilities Review, audit, and strengthen security across all GCP projects, folders, billing accounts, service accounts, IAM roles, APIs, deployed workloads, and third-party integrations.
Compile and maintain a centralized inventory of all enabled and deployed services across projects, including Cloud Run, Cloud Functions, BigQuery, Cloud Storage, Pub/Sub, Firebase, APIs, service accounts, networking resources, billing-linked services, owners, dependencies, risks, and business purpose.
Implement and manage GCP Organization Policies to control risky configurations, external identities, public access, service account key creation, resource sharing, and insecure deployments.
Audit IAM access at project and organization level to remove unauthorized, non-organizational, inactive, excessive, or risky permissions, while applying least-privilege access controls.
Review and secure API keys, OAuth clients, service accounts, Firebase projects, Cloud Run services, BigQuery datasets, Cloud Storage buckets, Pub/Sub topics, and external integrations.
Reduce or eliminate long-lived service account keys by implementing secure alternatives such as Secret Manager, Workload Identity Federation, short-lived credentials, and controlled service account impersonation.
Assess the impact of security policies on existing products, dashboards, pipelines, APIs, Cloud Run services, BigQuery workloads, and other production systems, and design secure workarounds where required.
Enable budget kill switches across billed projects and billing accounts using Cloud Billing budgets, Pub/Sub alerts, automation scripts, and controlled shutdown or billing-disablement actions when defined thresholds are reached.
Configure monitoring, alerting, and incident detection using Cloud Logging, Cloud Monitoring, Security Command Center, IAM Recommender, audit logs, and billing alerts.
Identify unused, risky, misconfigured, publicly exposed, or externally accessible services and coordinate with relevant teams to secure, restrict, migrate, or decommission them.
Build and maintain security documentation, access review processes, incident response workflows, policy exception records, remediation plans, and project onboarding standards.
Work closely with engineering, data, DevOps, product, and management teams to implement security controls without disrupting active services.
Maintain proper documentation for Organization Policy exemptions, IAM changes, access exceptions, approvals, expiry dates, and remediation plans to ensure audit readiness.
Support multi-cloud security and governance use cases, especially AWS-to-GCP migration, including workload migration, networking, data access, and secure migration planning.
Work with DevOps teams to secure CI/CD pipelines, GitHub Actions, Docker images, secrets, and deployment workflows.
Support security and governance for AI infrastructure on GCP, including Vertex AI, GPU workloads, notebooks, model pipelines, AI service accounts, access controls, and cost-risk monitoring.
Competitive pay that matches your skills and experience Family Health Insurance Paid Time Off to recharge and relax Work-Life Balance and a supportive environment Delicious meals provided to keep you fueled Stay active with convenient, on-site fitness facilities 4+ years of relevant industry experience.
Strong hands-on experience with GCP security, IAM, Organization Policies, Cloud Billing, Cloud Logging, Cloud Monitoring, and cloud governance.
Practical understanding of GCP organizations, folders, projects, service accounts, API keys, billing accounts, IAM roles, access controls, and production workloads.
Experience securing GCP services such as Cloud Run, Cloud Functions, BigQuery, Cloud Storage, Pub/Sub, Firebase, APIs, and networking resources.
Ability to audit permissions, detect excessive access, manage credential risks, rotate exposed keys, and implement least-privilege security controls.
Experience with cloud security incident response, access reviews, risk remediation, monitoring, alerting, and security hardening.
Ability to write automation scripts using Python, Bash, Cloud Functions, or similar tools.
Strong documentation and communication skills, with the ability to explain security risks, policy impacts, and required changes to technical and non-technical stakeholders.
Good To Have Experience with Security Command Center, VPC Service Controls, Cloud KMS, Secret Manager, Workload Identity Federation, Terraform, and CI/CD security.
Experience implementing automated billing controls, budget alerts, cost anomaly detection, and emergency shutdown workflows.
Knowledge of cloud governance, vulnerability management, compliance frameworks, and security best practices.
