A little bit about us

Bespin Global is a top global cloud MSP recognized in the Gartner Magic Quadrant for 8 consecutive years. We’ve been named the AWS MSP Partner of the Year globally and have earned multiple Google Partner of the Year awards!

We have 1,400+ “Bespineers” across 16 offices in 10 countries—including the U.S., South Korea, Singapore, Dubai, Indonesia, China, and Japan—supporting over 4,500 customers worldwide.

We’re growing fast, and if you want to help enterprise clients solve complex challenges using the power of the cloud, this is the place for you.

We're looking for a US-based Cloud Security Architect with strong GCP experience and a deep background in security operations, vulnerability management, and penetration testing. This role is part of our high-profile security team, and you'll serve as a trusted security advisor, helping shape and deliver secure cloud solutions with a focus on compliance and risk mitigation.

This is primarily a US-Remote role but candidates should be located in the continental US and timezones, with the ability to travel when needed.

About the Role:

As a Cloud Security Engineer, you will:

• Implement and maintain security controls for workloads on Google Cloud Platform, with additional support for AWS and Azure environments.
• At least 50% of core duties will involve coding and hands on keyboard experience.
• Configure and manage cloud security services across platforms to protect environments against threats, with GCP as the primary focus.
• Implement security controls for AI/ML workloads, including data protection, model security, and secure API endpoints.
• Perform vulnerability scans, analyze results, and execute remediation actions.
• Assist with penetration testing activities and address identified security gaps.
• Monitor security events through SOC integration and respond to security incidents.
• Build and maintain security automation using Infrastructure as Code (IaC) and scripting.
• Develop and implement security logging, monitoring, and alerting solutions.
• Create and maintain technical security documentation and runbooks.
• Collaborate with DevOps teams to integrate security into CI/CD pipelines.
• Support security compliance initiatives and help prepare for audits.
• Troubleshoot security-related issues and implement fixes.

What We’re Looking For:

Must-Have:

●      5+ years of experience in cloud security engineering, with hands-on deep hands-on security experience in at least one of the major cloud providers, preferably GCP. 

●      Strong development skills in at least one programming language (Python preferred) for security automation and tooling.

●      Practical hands-on experience with 3rd party Cloud Security SaaS Tools (Wiz, Orca, CrowdStrike, LaceWork, Prisma Cloud, Tenable, etc.) and/or native provider tools such as KMS, Guard Duty, IAM, Google Security Command Center, etc.

●      Strong Generative AI literacy with a desire to keep learning new tools, frameworks, models, APIs, and SDKs as capabilities evolve and mature. .

●      Experience with multiple SOC/SIEM/SOAR tools and security platforms (e.g., Splunk, Chronicle, SentinelOne, Elastic Security/Kibana, SumoLogic, or CrowdStrike).

●      Operational experience troubleshooting log ingestion and experience and evaluating log sources for actionable events and IOCs across multiple layers of the application, infrastructure, identity, and network stack.

●      Hands-on experience in vulnerability management including triage, and remediation using Tenable, Qualys, CrowdStrike, or Rapid7

●      Experience working in a software engineering team with collaborative development practices (branching, tagging, code review) using GitHub, GitLab, or Azure DevOps.

●      Familiarity with penetration testing methodologies and common security vulnerabilities.

●      Experience using AI to accelerate software development (Claude Code, Gemini, etc.) and AI-Assisted IDE such as Cursor, Zed, or Visual Studio Code plugins.

●      Excellent communication skills and the independence necessary to work asynchronously in a startup environment with members working across multiple U.S. and international times zones

●      Exposure to security compliance frameworks (SOC 2, NIST 800-53, HIPAA, PCI DSS, SANS Top 20,  etc.).

●      Authorized to work in the United States.

Nice-to-Have:

●      Google Cloud certification (e.g., Professional Cloud Security Engineer) or equivalent experience, with AWS or Azure security certifications.

●      Additional security certifications (Security+, GCIH, CEH, CISSP).

●      Experience implementing security for AI and ML services such as Vertex AI, with knowledge of ML model security, data security, and secure AI interfaces.

●      Experience with one or more agent frameworks (Crew AI, Pydantic AI, Agno, Google ADK, etc.) with a focus on security automation use cases.

●      Familiarity with container security (Kubernetes, Docker) and serverless security considerations.

●      Knowledge of DevSecOps practices and tools and how to integrate security guardrails into CI/CD systems

●      Experience with Terraform or other IaC tools as a means for implementing and enforcing cloud security best practices.

●      Experience securing generative AI applications and implementing LLM security best practices.

●      Background in security incident handling and investigation in a cloud environment.

●      Experience building and running tools that support an internal SOC or MDR. 

Why You’ll Love Working Here:

• High visibility, high impact role with a marquee client.
• Competitive compensation and performance-based bonus structure.
• Excellent benefits package including 100% company-paid Health, Dental, Vision, and Life Insurance.
• 401k with employer matching, wellness perks, and birthday PTO.
• Supportive team culture with global reach and startup agility.
• Opportunities for career growth across cloud, data, and customer success tracks.

Ready to shape the future of cloud and data for some of the most exciting companies in the world?

Apply today and bring your expertise to Bespin Global.