Key skills
FedRAMPDISA Impact Level 5NIST 800-53DISA Cloud Security Requirements Guide (SRG)VDMSVDSSBCAPFirewallsIntrusion Detection SystemsSecurity Information and Event Management (SIEM)Security PlansRisk AssessmentsIncident ReportsSecure Coding PracticesVulnerability AssessmentsVulnerability RemediationCloud SecuritySoftware SecurityAI System SecurityGoogle Security Command CenterAWS Security HubAzure Security CenterTenable ProductsAI/ML Security Assessment FrameworksCISSPCCSPProfessional Cloud Security EngineerSecurity AutomationDevSecOpsInfrastructure as Code (IaC)Google CloudAWSAzureIncident ResponseAIMLSDLCCommunicationNetwork Security
About this role
Game Plan Tech is a dynamic company dedicated to empowering public sector organizations with Google solutions. They are seeking a Senior Security Engineer to ensure the security of cloud infrastructure, software, and AI systems while ensuring compliance with government regulations.
Responsibilities:
- Document and manage security architectures for cloud environments (e.g., Google Cloud, AWS, Azure). This includes securing cloud resources, managing access control, assessing network security, and ensuring data protection
- Integrate security practices throughout the software development lifecycle (SDLC). This involves integrating security into software processes such as code reviews, vulnerability assessments, and promoting secure coding practices
- Assess and mitigate security risks specific to AI systems
- Ensure that systems and processes meet relevant government security standards and regulations (e.g., NIST 800-53, DISA Impact Levels). This includes conducting security audits, preparing documentation, and participating in accreditation activities
- Develop and execute incident response plans, investigate security breaches, and implement corrective actions
- Promote security awareness across the organization through training, communication, and best practice guidance
- Stay abreast of emerging security threats and vulnerabilities, and proactively implement measures to mitigate risks
Requirements:
- Knowledge of government compliance frameworks and accreditation processes, such as FedRAMP, DISA Impact Level 5, NIST 800-53
- Experience with the DISA Cloud Security Requirements Guide (SRG)
- Experience working with Department of War (DoW) security stacks including VDMS, VDSS, BCAP, and other related security frameworks, tool, and common practices
- Knowledge of security technologies such as firewalls, intrusion detection systems, and security information and event management (SIEM) tools
- Experience documenting system security posture and adherence to security controls, including creating and maintaining security plans, risk assessments, and incident reports
- Familiarity with secure coding practices, vulnerability assessments, and vulnerability remediation
- Strong understanding of cloud security best practices
- Must be a U.S. Citizen and eligible to obtain a Top Secret clearance
- Strong understanding of software security and AI system security
- Hands-on experience with security tools and technologies for cloud environments (e.g., Google Security Command Center, AWS Security Hub, Azure Security Center, Tenable Products)
- Knowledge of specific AI/ML security assessment frameworks
- Bonus points for relevant security certifications (e.g., CISSP, CCSP, Professional Cloud Security Engineer)
- Experience with security automation and DevSecOps practices and Infrastructure as Code (IaC)