Professional Security Engineer Training

Master security on Google Cloud with this comprehensive 5-day training. Learn to configure access, configure network security, ensure data protection, manage operations, and ensure compliance.

Training Details

Duration	5 days (40 hours)
Level	Advanced
Delivery	In-person, Live online, Hybrid
Certification	Google Cloud Certified: Professional Cloud Security Engineer

Who Is This For?

• Security engineers working with GCP
• Cloud security specialists
• Security architects
• Anyone preparing for Professional Cloud Security Engineer certification

Learning Outcomes

After completing this training, participants will be able to:

• Configure access within cloud solutions
• Configure network security
• Ensure data protection
• Manage operations and incident response
• Support compliance requirements
• Implement security automation

Detailed Agenda

Day 1: Identity and Access Management

Module 1: Cloud Identity and IAM

• IAM best practices
• Service accounts and keys
• Workload identity
• Hands-on: Configure IAM

Module 2: Resource Hierarchy and Organization

• Organization policies
• Resource hierarchy design
• Policy inheritance
• Hands-on: Implement org policies

Module 3: Authentication and Authorization

• Identity-Aware Proxy
• OAuth and OIDC
• Context-aware access
• Hands-on: Implement authentication

Day 2: Network Security

Module 4: VPC Security

• Private Google Access
• VPC Service Controls
• Firewall rules
• Hands-on: Configure VPC security

Module 5: Load Balancing and DDoS Protection

• Cloud Armor WAF
• SSL policies
• DDoS mitigation
• Hands-on: Implement Cloud Armor

Module 6: Interconnect Security

• VPN and Interconnect security
• Private connectivity
• Network security monitoring
• Hands-on: Secure hybrid connectivity

Day 3: Data Protection

Module 7: Encryption Strategies

• Cloud KMS key management
• Customer-managed encryption keys
• Encryption at rest and in transit
• Hands-on: Implement encryption

Module 8: Data Loss Prevention

• DLP API for sensitive data
• Data classification
• Redaction and masking
• Hands-on: Configure DLP

Module 9: Secret Management

• Secret Manager
• API key management
• Certificate management
• Hands-on: Manage secrets securely

Day 4: Security Operations

Module 10: Security Command Center

• Asset discovery and inventory
• Vulnerability scanning
• Threat detection
• Hands-on: Configure SCC

Module 11: Logging and Monitoring

• Cloud Audit Logs
• VPC Flow Logs
• Log analysis for security
• Hands-on: Monitor security events

Module 12: Incident Response

• Forensics and investigation
• Event Threat Detection
• Automated response
• Hands-on: Respond to incidents

Day 5: Compliance and Advanced Security

Module 13: Compliance and Governance

• Compliance frameworks
• Access Transparency
• Compliance reporting
• Hands-on: Implement compliance

Module 14: Container and Kubernetes Security

• GKE security features
• Binary Authorization
• Pod security policies
• Hands-on: Secure GKE

Module 15: Exam Preparation

• Exam format and scenarios
• Security case studies
• Practice questions

Prerequisites

• 2+ years security experience
• GCP fundamentals knowledge
• Understanding of networking and OS security
• Security framework knowledge

Delivery Formats

Format	Description
In-Person	On-site at your company's location, hands-on with direct interaction
Live Online	Interactive virtual sessions with screen sharing and real-time labs
Hybrid	Combination of on-site and remote sessions, flexible scheduling

All formats include hands-on labs, course materials, practice exams, and post-training support.