Cloud Security SME, Security Engineer

Summary

Join Game Plan Tech as a Cloud Security Engineer and play a critical role in designing, implementing, and managing security architectures for cloud environments (Google Cloud, AWS, Azure). You will integrate security practices throughout the software development lifecycle (SDLC), assess and mitigate risks specific to AI systems, and ensure compliance with government security standards (FedRAMP, NIST 800-53, DISA Impact Levels). Responsibilities include incident response planning and execution, security awareness promotion, and staying updated on emerging threats. The ideal candidate possesses strong cloud, software, and AI system security understanding, along with experience in security documentation and tool usage. Game Plan Tech is an equal opportunity employer committed to fostering a diverse and inclusive workplace.

Requirements

• Strong understanding of cloud security, software security, and AI system security
• Experience documenting system security posture and adherence to security controls, including creating and maintaining security plans, risk assessments, and incident reports
• Hands-on experience with security tools and technologies for cloud environments (e.g., Google Security Command Center, AWS Security Hub, Azure Security Center, Tenable Products)
• Knowledge of specific AI/ML frameworks and libraries and how to assess their implementations for security

Responsibilities

• Design, implement, and manage security architectures for cloud environments (e.g., Google Cloud, AWS, Azure)
• Secure cloud resources, manage access control, implement network security, and ensure data protection
• Integrate security practices throughout the software development lifecycle (SDLC)
• Conduct code reviews, perform vulnerability assessments, and promote secure coding practices
• Assess and mitigate security risks specific to AI systems, including data poisoning, adversarial attacks, and model theft
• Ensure that systems and processes meet relevant government security standards and regulations (e.g., FedRAMP, NIST 800-53, DISA Impact Levels)
• Conduct security audits, prepare documentation, and participate in accreditation activities
• Develop and execute incident response plans, investigate security breaches, and implement corrective actions
• Promote security awareness across the organization through training, communication, and best practice guidance
• Stay abreast of emerging security threats and vulnerabilities, and proactively implement measures to mitigate risks

Preferred Qualifications

• Knowledge of government compliance frameworks and accreditation processes, such as FedRAMP, NIST 800-53, and FISMA
• Experience with the DISA Cloud Security Requirements Guide (SRG)
• Deep knowledge of security technologies such as firewalls, intrusion detection systems, and security information and event management (SIEM) tools
• Familiarity with secure coding practices, vulnerability assessments, and vulnerability remediation
• Experience with security automation and DevSecOps practices and Infrastructure as Code (IaC)
• Relevant security certifications (e.g., CISSP, CCSP, Professional Cloud Security Engineer)
• Experience working with Department of Defense (DoD) security stacks including VDMS, VDSS, BCAP, and other related security frameworks, tool, and common practices