Donyati

www.donyati.com

1 Job

312 Employees

About the Company

Donyati was founded with the intention of challenging traditional business and technology consulting methods. Our approach involves leveraging technology to tackle intricate business challenges and deliver innovative solutions driven by our steadfast commitment, diligence, and passion. We actively listen to our clients, provide seasoned advice, and persevere in pursuit of their goals. Our top priority is always acting in the best interests of our clients. Our team listens carefully to discover the exact solution you need to meet your organization’s goals. We deliver the same elite talent as the world’s top consulting firms, from a unique viewpoint. We treat our clients like people, focus on lean operations, and provide unmatched value. Our core service offerings include Advisory, Implementations, and Managed Services, distributed across Enterprise/Corporate Performance Management (EPM/CPM), Enterprise Resource Planning (ERP) & Enterprise Applications, Finance Effectiveness & Modernization, Cloud Services and Technology Services.

Listed Jobs

Company Name: Donyati
Job Title: GCP Cloud Security Architect
Job Description: Job Title: GCP Cloud Security Architect Role Summary: Lead design, implementation, and governance of a secure, compliant Google Cloud Platform landing zone for a large retail brand, ensuring PCI DSS compliance, hardened network perimeter, and automated security posture enforcement. Expectations: * Deliver a secure‑by‑default GCP environment for customer data. * Move security from monitoring to fully enforced policies. * Achieve and maintain PCI DSS compliance, ready for audits. * Establish continuous posture management, threat detection, and compliance reporting. Key Responsibilities: * Create and maintain a Technical Security Design document aligned with PCI DSS and existing security standards. * Translate security principles into enforceable Organization Policies and governance standards. * Deploy and operationalize Security Command Center (SCC) Premium for posture management and threat detection. * Design a hardened VPC Service Controls perimeter and migrate legacy firewall rules to centralized GCP firewall policies, ensuring CDE isolation. * Implement Cloud Armor for web and API protection, and optimize security service SKUs. * Lead IAM strategy: define least‑privilege models, enforce granularity, implement time‑bound access, privileged access management, and migrate to Workload Identity Federation (Azure AD ↔ GCP). * Design RBAC for Secrets Manager and establish logging/alerting for identity and access events per PCI DSS. * Review and harden Terraform IaC and GitHub Actions pipelines; embed DevSecOps practices, credential hygiene, and error handling. * Guide migration from Azure ARM/Jenkins to Terraform/GitHub Actions and assess security implications. Required Skills: * 7+ years senior cloud security/architect experience. * Google Cloud Certified: Professional Cloud Security Engineer or Professional Cloud Architect. * Hands‑on expertise: GCP IAM, VPC Service Controls, GCP Firewall Policies, Organization Policies, SCC Premium. * Proven PCI DSS implementation and audit experience in GCP. * Workload Identity Federation design and implementation (Azure AD → GCP). * Terraform (IaC) and CI/CD pipeline security (GitHub Actions, Jenkins). * Cloud‑native network security: VPC design, private interconnects, WAF (Cloud Armor), CDE segmentation. * Ability to produce TDDs, security policies, and audit documentation. Required Education & Certifications: * Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience). * Google Cloud certifications: Professional Cloud Security Engineer and/or Professional Cloud Architect. ---