Sr Manager, Data Governance

Job Title: SecOps Lead

Job Overview:
We are seeking an experienced SecOps Lead to oversee security operations within our Google Cloud Platform (GCP) environment. The ideal candidate will combine deep cloud security expertise, incident response experience, and hands-on knowledge of GCP services to lead our SecOps initiatives, protect cloud workloads, and ensure compliance with enterprise security standards.

Key Responsibilities:

• Lead the security operations team for GCP cloud infrastructure, applications, and data.
• Develop and enforce cloud security policies, standards, and best practices specific to GCP.
• Monitor, detect, and respond to security incidents across GCP using tools like Wiz, Snyk, StackHawk, Cloud Security Command Center, Security Logging, SIEM integration, and Cloud Monitoring .
• Collaborate with DevOps, DataOps, and application teams to embed security in CI/CD pipelines (DevSecOps practices).
• Conduct threat modeling, vulnerability assessments, and penetration tests for cloud workloads.
• Manage identity and access management (IAM) in GCP, ensuring least-privilege access and role-based access control.
• Implement data protection strategies , including encryption, key management, and secure storage (Cloud KMS, Cloud Storage, Secret Manager).
• Oversee network security , firewall rules, VPC Service Controls, and private connectivity.
• Maintain incident response playbooks , conduct tabletop exercises, and lead post-incident reviews.
• Keep abreast of emerging cloud threats, GCP security features, and industry regulations (ISO, NIST, SOC2, GDPR, HIPAA, etc.).

Required Qualifications:

• 8-10 years of experience in cloud security, with at least 3 years in GCP environments .
• Team lead experience.
• Strong knowledge of GCP security services : Cloud IAM, Cloud Security Command Center, Cloud Armor, Cloud Key Management, VPC Service Controls, Cloud Logging/Monitoring.
• Hands-on experience with DevSecOps tools and practices (Terraform, Jenkins, GitOps, container security).
• Familiarity with security frameworks and compliance requirements (NIST, CIS Benchmarks, SOC2, HIPAA).
• Strong experience with SIEM, EDR, threat detection, and incident response .
• Experience with Wiz, Snyk, and StackHawk
• Expertise in network security, encryption, access controls, and identity management .
• Excellent leadership, communication, and cross-functional collaboration skills.

Preferred Qualifications:

• GCP Security certifications (e.g., Professional Cloud Security Engineer )
• Experience with multi-cloud security (GCP, AWS, Azure)
• Knowledge of data protection and privacy regulations relevant to the business
• Hands-on experience with container and serverless security (GKE, Cloud Run, Cloud Functions)
• Familiarity with automated compliance monitoring tools

Core Competencies:

• Strategic thinking and risk management
• Analytical and problem-solving mindset
• Strong leadership and mentoring skills
• Ability to work under pressure during incidents