Cloud Security SME - Security Engineer

Key Responsibilities

• Cloud Security: Design, implement, and manage security architectures for cloud environments (e.g., Google Cloud, AWS, Azure). This includes securing cloud resources, managing access control, implementing network security, and ensuring data protection.

• Software Security: Integrate security practices throughout the software development lifecycle (SDLC). This involves conducting code reviews, performing vulnerability assessments, and promoting secure coding practices.

• AI System Security: Assess and mitigate security risks specific to AI systems, including data poisoning, adversarial attacks, and model theft.

• Compliance and Accreditation: Ensure that systems and processes meet relevant government security standards and regulations (e.g., FedRAMP, NIST 800-53, DISA Impact Levels). This includes conducting security audits, preparing documentation, and participating in accreditation activities.

• Incident Response: Develop and execute incident response plans, investigate security breaches, and implement corrective actions.

• Security Awareness: Promote security awareness across the organization through training, communication, and best practice guidance.

• Threat Intelligence: Stay abreast of emerging security threats and vulnerabilities, and proactively implement measures to mitigate risks.

Desired Qualifications

• Compliance Expertise: Knowledge of government compliance frameworks and accreditation processes, such as FedRAMP, NIST 800-53, and FISMA

• Experience with the DISA Cloud Security Requirements Guide (SRG)

• Deep knowledge of security technologies such as firewalls, intrusion detection systems, and security information and event management (SIEM) tools

• Familiarity with secure coding practices, vulnerability assessments, and vulnerability remediation

• Experience with security automation and DevSecOps practices and Infrastructure as Code (IaC)

What we are looking for in a strong candidate:

• Strong understanding of cloud security, software security, and AI system security

• Experience documenting system security posture and adherence to security controls, including creating and maintaining security plans, risk assessments, and incident reports

• Hands-on experience with security tools and technologies for cloud environments (e.g., Google Security Command Center, AWS Security Hub, Azure Security Center, Tenable Products)

• Knowledge of specific AI/ML frameworks and libraries and how to assess their implementations for security

• Bonus points for relevant security certifications (e.g., CISSP, CCSP, Professional Cloud Security Engineer)

• Experience working with Department of Defense (DoD) security stacks including VDMS, VDSS, BCAP, and other related security frameworks, tool, and common practices

Game Plan Tech is an equal opportunity employer committed to fostering a diverse and inclusive workplace. We provide equal employment opportunities to all individuals, regardless of race, color, religion, gender, gender identity, sexual orientation, national origin, age, disability, genetic information, veteran status, or any other characteristic protected by applicable federal, state, or local law. We value diversity and are committed to ensuring a respectful, inclusive, and supportive environment for all employees, contractors, and applicants. 

If you require reasonable accommodation during the application process or employment, please contact hr@gameplan.tech.