Security Engineer

2 weeks ago


Praha, Hlavní město Praha, Czech Republic Клаудфреш Full time 80,000 - 150,000 per year
Vacancy description

Cloudfresh is a Global Google Cloud Premier Partner, Zendesk Premier Partner, Asana Solutions Partner, GitLab Select Partner, Hubspot Platinum Partner, Okta Activate Partner, and Microsoft Partner.

Since 2017, we've been specializing in the implementation, migration, integration, audit, administration, support, and training for top-tier cloud solutions. Our products focus on cutting-edge cloud computing, advanced location and mapping, seamless collaboration from anywhere, unparalleled customer service, and innovative DevSecOps.

We're looking for a Google Cloud Security Engineer to harden client environments across GCP. You'll implement and help design security controls, automate guardrails, improve detection & response, and guide stakeholders through pragmatic, risk-based decisions across EMEA.

Requirements:
  • 2+ years proven, hands-on experience in a Security Engineer, SecOps (or similar) role building and operating cloud security controls (GCP).
  • Strong knowledge of Google Cloud architecture and native security services: Cloud IAM (least privilege, Conditions), Organization Policies, VPC / Private Service Connect, VPC Service Controls, Cloud Armor (WAF/DDoS), Security Command Center (SCC), Cloud KMS/CMEK/HSM, Secret Manager, IAP/BeyondCorp Enterprise (Context-Aware Access), Cloud Logging/Monitoring and GKE security.
  • Technical certifications related to Cloud Solutions are an advantage (Google Professional Cloud Security Engineer, Professional Cloud Architect; CISSP/CCSP/ISO 27001 LI/LA a plus).
  • Experience executing changes across multiple clients/verticals in EMEA/CEE with sound change control (CABs), documentation and participation in incident response/on-call.
  • Excellent communication and strategic planning abilities, able to explain trade-offs, influence remediation, and drive adoption of guardrails.
  • Proficient with engineering – tooling stacks: Terraform, GitHub/GitLab CI, OPA/Conftest / Policy Controller (Config Sync), Cloud Build/Deploy, Artifact Registry; comfortable with HubSpot and Asana for collaboration with account teams when needed.
  • Basic scripting experience (e.g., Python, Bash, or gcloud CLI).
  • Strong Plus experience with Cloudflare.
  • Fluency in English.
Responsibilities:
  • Design, implement, and operate security controls for GCPfor SMB & Enterprise clients across EMEA & CEE.
  • Perform security audits for GCP and Google Workspace environments.
  • Implement key features: Org Policies, IAM Conditions, break-glass flows, VPC design (private subnets, Cloud NAT), Private Service Connect, VPC Service Controls perimeters, Cloud Armor (WAF/MPA, rate limiting, geo/IP policies), IAP/BeyondCorp with Context-Aware Access, KMS/CMEK/HSM, Secret Manager, Confidential/Shielded VMs, Cloud IDS.
  • Configure and monitor Security Command Center, audit logs, and threat protection
  • Harden GKE & Workloads: private clusters, Workload Identity, Binary Authorization, Pod Security standards, NetworkPolicy, image scanning/provenance, OS patching via OS Config/VM Manager.
  • Automate guardrails: Reusable Terraform modules, gated CI checks (OPA/Conftest/Policy Controller), drift detection and safe automated remediation; codify SCC mute rules and Cloud Armor policies.
  • Establish logging, detection & IR: Standardize Cloud Audit Logs and Log Router sinks to CMEK log buckets; integrate to Chronicle SIEM; tune SCC (ETD/CTD/VM TD), build IR runbooks, triage incidents, and continuously improve MTTR.
  • Assist clients with implementation of 2FA, DLP, and compliance controls.
  • Generate security assessment reports and provide actionable recommendations.
  • Collaborate with DevOps and infrastructure teams to fix vulnerabilities.
  • Collaborate with ISSM: Work on maintaining ISO 27001 Security standards, performing annual networking tests.
  • Continuously assess the landscape: track new GCP features (e.g., Assured Workloads, Confidential Space, reCAPTCHA Enterprise) and update baselines to improve posture, reliability, and cost efficiency.
Would be a plus:
  • Experience with multi-cloud or hybrid environments
  • Familiarity with Google Workspace Enterprise security features
  • Basic knowledge of SIEM or zero trust architectures
Work conditions:
  • Competitive Salary & Transparent Motivation: Receive a competitive base salary with performance-based bonuses, providing clear financial rewards for your success.
  • Flexible Work Format: Work remotely with flexible hours, allowing you to balance your professional and personal life efficiently.
  • Training with Leading Cloud Products: Access in-depth training on cutting-edge cloud solutions, enhancing your expertise and equipping you with the tools to succeed in an ever-evolving industry.
  • International Collaboration: Work alongside A-players and seasoned professionals in the cloud industry. Expand your expertise by engaging with international markets across the EMEA and CEE regions.
  • Vibrant Team Environment: Be part of an innovative, dynamic team that fosters both personal and professional growth, creating opportunities for you to advance in your career.
  • When applying to this position, you consent to the processing of your personal data by CLOUDFRESH for the purposes necessary to conduct the recruitment process, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (GDPR).
  • Additionally, you agree that CLOUDFRESH may process your personal data for future recruitment processes.


  • Praha 8, Hlavní město Praha, Czech Republic Meta IT Full time 104,000 - 130,878 per year

    Senior Software Engineer – Compliance (C++)We are seeking a highly skilled and driven Senior Software Engineer to join our partner's Trade Surveillance Platform team. This is a hands-on role focused on building scalable, high-performance systems that support market surveillance and compliance products. You will work on a trading and surveillance platform...


  • Praha 1, Hlavní město Praha, Czech Republic xITee Full time 1,200,000 - 2,400,000 per year

    At xitee, it´s about an all-in-one approach to all IT needs – IT consulting, SW development and IT operations. Our customers are mainly from German-speaking countries, and we build solutions for them from scratch - from the initial idea to post-launch support and maintenance. Our talented and experienced team of engineers is focused on optimizing overall...

  • System Engineer

    1 week ago


    Praha-4-Nusle, Czech Republic Arrow Electronics, Inc. Full time

    Position:System Engineer - SecurityJob Description:System Engineer - SecurityNávrh a implementace bezpečnostních řešení:Navrhování a implementace systémů pro ochranu dat, sítí a infrastruktur, jako jsou, systémy pro detekci průniku, antivirové programy a další bezpečnostní technologie.Poskytování technické podpory...

  • System Engineer

    1 week ago


    Praha-4-Nusle, Czech Republic Arrow Electronics, Inc. Full time

    Position:System Engineer - SecurityJob Description:System Engineer - SecurityNávrh a implementace bezpečnostních řešení:Navrhování a implementace systémů pro ochranu dat, sítí a infrastruktur, jako jsou, systémy pro detekci průniku, antivirové programy a další bezpečnostní technologie.Poskytování technické podpory...


  • CZE-Praha V Parku /, Czech Republic Broadcom Full time 1,200,000 - 2,400,000 per year

    Please Note:1. If you are a first time user, please create your candidate login account before you apply for a job. (Click Sign In > Create Account)2. If you already have a Candidate Account, please Sign-In before you apply.Job Description:We are seeking a highly motivated and skilled Endevor Administrator to join our team. In this role, you will be...


  • okres Praha-východ, Czech Republic GoodData Full time 900,000 - 1,200,000 per year

    In GoodData, we are expanding our team dedicated to the cloud operation of our unique analytical platform, designed for creating analytical data products for our customers. We are seeking an experienced operations engineer to join our Cloud Solution team. The successful candidate should be an enthusiastic professional who is deeply interested in cutting-edge...

  • Sr. Project Manager

    5 days ago


    okres Praha-východ, Czech Republic GoodData Full time 900,000 - 1,200,000 per year

    GoodData's Professional Services team works with our customers to build data analytics solutions using the GoodData platform; and build and customize analytical / reporting products to implement into clients' systems. Our team is obsessed with guiding our customers to achieve value with our products in the shortest time possible. We play a critical role in...