Sr. Cloud Engineer I

As a Sr. Cloud Engineer I (Google Workspace), you'll manage the configuration and governance of multiple tenants within the Department-owned FAN (Google Workspace) and Netskope products. The ideal candidate will provide support for integration, risk analysis, incident resolution, and continuous monitoring of cloud systems, while ensuring security and compliance standards are met.

If you think you can see yourself delivering our mission and pursuing our goals with us, then check out the job description below!

What you'll do:

• Oversee and manage the configuration of multiple tenants in the Department-owned FAN (Google Workspace) and Netskope products, ensuring seamless operation and security compliance across all environments.
• Assist in integrating Netskope with additional cloud systems or applications as required by system owners, ensuring proper functionality and security alignment.
• Conduct risk assessments for apps, scripts, and extensions submitted via a request process. Ensure risk analysis follows the process outlined in the Initial Netskope Integration Change Request.
• Provide daily support for reviewing and resolving Netskope-related incidents. Investigate, escalate issues as necessary, and report through the documented incident response procedures.
• Provide ongoing guidance and governance for the Google Workspace system, ensuring security best practices and compliance are upheld.
• Oversee continuous monitoring activities in accordance with the compliance dashboard. Make recommendations and take follow-up actions to mitigate previously unknown security gaps.
• Brief the ISSO quarterly on continuous monitoring artifacts, highlighting any findings, recommendations, or required actions.
• Actively participate in Google Workspace and Netskope meetings to stay informed of updates and collaborate with cross-functional teams.
• Review and approve change requests, ensuring that changes align with organizational policies and security standards.
• Work closely with the Google Workspace product owner, system owner, and ISSO to resolve issues, remove impediments, and provide security recommendations for cloud-based systems.
• Test new capabilities, configurations, and services to ensure that technology is properly understood. Provide recommendations for policy, governance, and solutions based on testing outcomes.
• Address and respond to user questions and concerns in a timely manner, particularly those related to cloud security policies, such as external sharing policies.
• While primarily cloud-based, there may be a future need to extend responsibilities to device management as the systems evolve.

What you'll need to succeed:

• An Active Secret Security clearance with the ability to obtain a Top Secret
• Ability to be onsite 5 days a week in Washington, DC.
• 5+ years of experience in cybersecurity engineering, cloud security, or IT security, with a focus on Google Workspace (G Suite), AWS or Azure.
• Strong expertise in Google Admin Console, Security Center, Google Vault, and Cloud Identity, AWS Management Console, or Azure Portal.
• Hands-on experience with Google Workspace API security, OAuth, and API integrations, AWS IAM, or Azure Active Directory.
• Proven experience in managing cloud security platforms, particularly Google Workspace and Netskope, AWS or Azure.
• Proficiency in DLP, Zero Trust architectures, IAM (Google Cloud Identity, AWS IAM, or Azure AD), and email security (DKIM, SPF, DMARC).
• Familiarity with SIEM/SOAR platforms, threat detection, and security logging within Google environments, AWS, or Azure.
• In-depth knowledge of cloud-based systems, integrations, and risk management processes across Google Workspace, AWS, or Azure.
• Strong understanding of federal security frameworks such as NIST 800-53, FedRAMP, FISMA, and DISA STIGs.
• Experience working in an on-prem and hybrid cloud security environment.
• Familiarity with incident response procedures and security incident escalation.
• Strong communication skills, including the ability to explain complex technical concepts to non-technical stakeholders.
• Ability to work independently and manage multiple tasks in a dynamic, fast-paced environment.
• Experience with continuous monitoring, security compliance, and risk analysis frameworks.
• Strong understanding of governance and policy creation for cloud systems.
• Familiarity with compliance requirements and regulatory standards for cloud environments.
• Experience in testing and evaluating technology to ensure optimal performance and security.
• Previous experience working closely with product owners, system owners, and security teams.