Google Cloud Platform (Google Cloud Platform) Expert

Serve as the primary cloud security architect responsible for ensuring that cloud-hosted IT systems, particularly the Electronic Contract Writing Module (ECWM) and related customer contracting systems, are architected, designed, and implemented with robust security controls that meet or exceed agency requirements. The SME provides comprehensive security oversight throughout the system lifecycle, from initial design through deployment and ongoing operations, with particular emphasis on cloud environments including Oracle Cloud Infrastructure (OCI), Amazon Web Services (AWS), and Microsoft Azure. The position requires deep expertise in DoD cybersecurity frameworks, FedRAMP compliance, Risk Management Framework (RMF), and the unique security challenges inherent in cloud-based Government systems handling sensitive contracting and procurement data. Qualifications * Active Security Clearance * Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related technical field * Advanced cloud security certifications (CCSP, CISSP, SABSA, or equivalent) CISSP, CISM, or other advanced cybersecurity certification * Experience with DoD Enterprise DevSecOps Reference Design * Knowledge of containerization security (Docker, Kubernetes) and micro services security architecture Cloud ATO Experience: Two (2) years of hands-on experience achieving Authorization to Operate (ATO) in cloud environments (OCI, AWS, Azure, or equivalent platforms) with demonstrated success in navigating complex compliance requirements * DoD Systems ATO Experience: Five (5) years of experience achieving ATOs for compartmented DoD IT systems with deep understanding of DoD-specific security requirements, assessment processes, and stakeholder coordination * Cloud Certification: Current cloud security certification from major cloud providers (Oracle Cloud Infrastructure, AWS, Azure, or equivalent) demonstrating technical proficiency and up-to date knowledge of cloud security capabilities. * Demonstrated experience working with Oracle Cloud Infrastructure (OCI) including security architecture, implementation, and compliance activities * Enterprise DoD IT Experience: Proven experience working with enterprise DoD IT systems, understanding of DoD architecture standards, and familiarity with DoD cybersecurity requirements and processes * Advanced expertise in cloud security architecture principles across multiple platforms (OCI,AWS, Azure, Google Cloud) with deep understanding of shared responsibility models, cloud-native security services, and hybrid cloud security considerations * Comprehensive knowledge of cloud security engineering best practices including identity and access management (IAM), network security, data encryption, key management, and secure application deployment patterns * Proficiency in Infrastructure as Code (IaC) security, container security, serverless security, and cloud workload protection platforms with ability to implement security-by-design principles * Expert-level understanding of cloud security threats, attack vectors, and mitigation strategies including advanced persistent threats (APTs), insider threats, and cloud-specific vulnerabilities * Extensive experience with DoD Risk Management Framework (RMF) processes including system categorization, security control selection and implementation, assessment procedures, authorization decisions, and continuous monitoring * Deep knowledge of NIST cybersecurity frameworks (SP 800-53, SP 800-37, SP 800-171), DISA Security Technical Implementation Guides (STIGs), and DoD cybersecurity policies and instructions * Comprehensive understanding of FedRAMP assessment methodology, including security control inheritance, shared controls, and the FedRAMP authorization process for cloud service providers * Expertise in Authorization to Operate (ATO) processes for both cloud environments and compartmented * DoD IT systems, including security documentation development, evidence collection, and stakeholder coordination * Advanced capabilities in conducting comprehensive cybersecurity vulnerability assessments with specific focus on cloud hosting environments and the unique risks associated with multi-tenant cloud infrastructure * Proficiency in security testing methodologies including penetration testing, vulnerability scanning, configuration assessments, and security control validation * Experience with security assessment tools and platforms including Assured Compliance Assessment Solution (ACAS), commercial vulnerability scanners, and cloud security posture management (CSPM) tools * Knowledge of threat modeling, security architecture review processes, and the ability to identify and mitigate security gaps in complex, distributed systems * Proven ability to review existing cloud security policies and provide actionable recommendations for improvement to enhance overall security posture and meet evolving threat landscapes * Experience in developing security standards, procedures, and guidelines that balance security requirements with operational efficiency and mission effectiveness * Knowledge of emerging cloud security technologies and methodologies with ability to assess their applicability to DoD environments and recommend adoption strategies * Comprehensive understanding of enterprise DoD IT architecture, including network topologies,system interconnections, data flows, and the security implications of complex system integrations * Experience with DoD enterprise services, shared services, and the security considerations involved in connecting cloud-hosted applications to existing DoD infrastructure * Knowledge of DoD cloud strategy and implementation approach * Hands-on experience with cloud security tools and services including cloud access security brokers (CASB), cloud workload protection platforms (CWPP), and security information and event management (SIEM) solutions * Proficiency in security automation, orchestration, and response (SOAR) capabilities with understanding of how to leverage cloud-native security services for incident response and threat hunting * Knowledge of DevSecOps practices and the integration of security controls into continuous integration/ continuous deployment (CI/CD) pipelines * Understanding of backup and disaster recovery security considerations, business continuity planning, and the security implications of cloud-based recovery solutions * Experience with Government cloud initiatives (milCloud, AWS GovCloud, Azure Government) * Familiarity with AI/ML security considerations in cloud environments Additional Information Only qualified candidates will be contacted. Please, no phone calls directly to our business, CEO, hiring managers, or recruiters. Due to the high volume of applicants, we typically receive for our career openings, we are not able to do phone interviews until later stages of the hiring process. All qualified applicants will receive consideration for employment without regard to race, religion, gender, disability, age, or veteran status.