Sr Cloud Engineer - Google Workspace/GCP

As a Sr. Cloud Engineer I (Google Workspace), you'll manage the configuration and governance of multiple tenants within the Department-owned FAN (Google Workspace) and Netskope products. The ideal candidate will provide support for integration, risk analysis, incident resolution, and continuous monitoring of cloud systems.

What you'll do:

• Manage and secure multiple Google Workspace and Netskope tenants, ensuring compliance with federal standards.
• Design, implement, and maintain secure GCP infrastructure (e.g., Compute Engine, IAM, GKE, BigQuery).
• Automate provisioning and configuration with infrastructure-as-code tools (Terraform, Ansible, Deployment Manager).
• Support CI/CD pipelines (GitLab CI, Jenkins, Cloud Build) and integrate security into DevOps workflows.
• Monitor and troubleshoot cloud systems, ensuring SLAs and security baselines are met.
• Conduct risk assessments, review change requests, and support incident response for Netskope-related issues.
• Provide governance, documentation, and guidance on best practices for cloud security and compliance.

What you'll need to succeed:

• Active Secret Security clearance or the ability to obtain (Top Secret preferred).
• Ability to be onsite 5 days a week in Washington, DC.
• 5+ years of experience in cybersecurity engineering, cloud security, or IT security with a focus on Google Workspace, GCP, AWS, or Azure.
• Hands-on expertise in Google Admin Console, Security Center, Google Vault, Cloud Identity, and GCP services such as Compute Engine, VPC, IAM, GKE, and BigQuery.
• Experience with infrastructure-as-code tools (Terraform, Ansible, Deployment Manager).
• Familiarity with CI/CD tools (GitLab CI, Jenkins, Cloud Build).
• Strong background in Linux systems, networking, and containerization (Docker, Kubernetes).
• Proficiency in Google Workspace API security, OAuth, API integrations, and IAM (Google, AWS IAM, or Azure AD).
• Proven experience managing cloud security platforms (Google Workspace, Netskope, AWS, Azure).
• Proficiency in DLP, Zero Trust architectures, IAM, and email security (DKIM, SPF, DMARC).
• Familiarity with SIEM/SOAR platforms, threat detection, and security logging.
• Strong understanding of federal frameworks: NIST 800-53, FedRAMP, FISMA, DISA STIGs, and ATO processes.
• Experience in both on-prem and hybrid cloud environments.
• Scripting ability in Python, Bash, or Go.
• Strong communication skills, including the ability to explain technical concepts to non-technical stakeholders.
• Experience working in Agile/Scrum environments.
• Relevant certifications (e.g., GCP Professional Cloud Architect, GCP DevOps Engineer) preferred.

Nice to Have:

• Certification in Cloud Security (e.g., Google Cloud Security Engineer, CISSP, CISM, CCSP).
• Familiarity with cloud security tools and solutions beyond Google Workspace and Netskope.
• Experience with security frameworks and best practices (e.g., NIST, ISO 27001).
• Previous experience in a government or large enterprise setting.