Security Operations Engineer (GCP)

Security Operations Engineer (GCP)

A Global Financial Services client requires a Contract GCP SecOps Engineer with strong hands-on expertise in Google Cloud Platform (GCP), incident response, and log source integration to join their Security Operations team.

• Day Rate: £700-£750pd
• IR35 Status: Outside
• Duration: Initial 6 months
• Travel: 2 days a week in Central London

This GCP Security Engineer will have the previous following exp:

• Ingest, normalise and correlate log data from a wide range of sources, including GCP-native services (eg VPC Flow Logs, Cloud Audit Logs, Cloud DNS) and third-party systems, to support Real Time threat detection and analysis.
• Build and maintain detection logic by transforming raw log data into actionable insights such as indicators of compromise (IOCs), behavioural patterns, or risk-based alerts using tools such as Google Chronicle, BigQuery, or Splunk.
• Lead or support incident response investigations, working closely with SOC analysts, engineering teams, and stakeholders to contain and remediate threats effectively across complex cloud infrastructures.
• Design and implement automated response workflows, leveraging GCP-native services like Cloud Functions, Pub/Sub, and Event Threat Detection to streamline alert triage and reduce mean time to response (MTTR).
• Enhance visibility and detection coverage by improving log source onboarding, parsing, and enrichment pipelines ensuring critical cloud activities are captured, monitored, and aligned with compliance requirements.