Job Description

About HighLevel:
HighLevel is an AI-powered business operating system that gives agencies, entrepreneurs and SMBs the infrastructure to build, automate and scale. Today, HighLevel supports SMBs across 150+ countries, fueling community-driven growth rooted in real customer outcomes.
To date, businesses operating on HighLevel have generated over $7 billion in ecosystem value, demonstrating the impact of shared infrastructure at scale. By centralizing conversations, automation and intelligence into one system, we help businesses move faster, reduce complexity and execute efficiently.
Behind the platform, HighLevel powers more than 4 billion API hits and 2.5 billion message events daily. With 250 terabytes of distributed data, 250+ microservices and over 1 million domain names supported, our architecture is built for performance, resilience and long-term scalability.

Our People
With over 2,000 team members across 10+ countries, HighLevel operates as a global, remote-first organization built for speed and ownership. We value initiative, clarity and execution, creating space for ambitious people to build systems that support millions of businesses worldwide. Here, innovation thrives, ideas are celebrated and people come first, no matter where they call home.

Our Impact
Every month, HighLevel enables more than 1.5 billion messages, 200 million leads and 20 million conversations for the more than 1 million businesses we support. Behind those numbers are real people building independence, expanding opportunity and creating measurable impact. We’re proud to be a part of that.
Learn more about us on our YouTube Channel or Blog Posts

About the Role:

We are looking for a Cloud Security Engineer with strong experience in Google Cloud Platform (GCP), Kubernetes (GKE), VPNs and Cloudflare to design, implement, and maintain secure cloud-native infrastructure. The ideal candidate will work closely with DevOps, SRE, and engineering teams to enforce security best practices across applications, networks, and infrastructure.

Responsibilities:

-> Cloud & Infrastructure Security

• Design and implement security controls across GCP environments
• Secure GKE clusters including RBAC, network policies, and workload identity
• Implement least privilege access (IAM) and enforce security boundaries
• Manage secrets using GCP Secret Manager

-> Kubernetes Security (GKE)

• Harden Kubernetes workloads and cluster configurations
• Implement Pod Security Standards (PSS), Network Policies & Admission Controllers (OPA/Gatekeeper)
• Monitor and mitigate container vulnerabilities

-> Network & Edge Security (Cloudflare)

• Configure and manage Cloudflare WAF, DDoS protection, and rate limiting
• Implement Zero Trust Access (ZTNA) policies
• Secure APIs using Cloudflare security features
• Manage DNS security and SSL/TLS configurations

-> Monitoring, Detection & Incident Response

• Implement security monitoring using:
  - GCP Cloud Logging & Monitoring
  - SIEM tools (e.g., Splunk, Datadog, Chronicle)
• Define alerting rules and respond to security incidents
• Conduct root cause analysis (RCA) and post-incident reviews

-> Compliance & Governance

• Ensure compliance with standards such as ISO 27001, SOC2, CIS Benchmarks
• Perform regular security audits and vulnerability assessments
• Automate compliance checks using policy-as-code tools

Requirements:

• Strong hands-on experience with Google Cloud Platform (GCP): IAM, VPC, Cloud Armor, Cloud Logging, Security Command Center
• Deep understanding of Kubernetes (GKE):
  -> RBAC, Network Policies, Ingress/Egress control
  ->Service Mesh (Istio) security concepts (mTLS, policies)
• Experience with Cloudflare [WAF, Zero Trust, Access, DNS, CDN security]
• Proficiency in at least one: Python / Go / Bash
• Experience with Terraform / Helm

Nice to Have:

• Experience with service mesh security (Istio, Linkerd)
• Knowledge of Zero Trust architecture
• Exposure to multi-cloud environments
• Security certifications (e.g., CISSP, CCSP, GCP Security Engineer)

EEO Statement:
The company is an Equal Opportunity Employer. As an employer subject to affirmative action regulations, we invite you to voluntarily provide the following demographic information. This information is used solely for compliance with government record-keeping, reporting, and other legal requirements. Providing this information is voluntary and refusal to do so will not affect your application status. This data will be kept separate from your application and will not be used in the hiring decision.