DoW GCP Information Systems Security Engineer; ISSE

Tetrad Digital Integrity (TDI) is a cybersecurity firm built for high-consequence environments where mission, complexity, and trust intersect. Our single focus has been delivering cyber solutions to effectively manage risk & the business of cyber for 25 years!

We have an immediate opportunity for a DoW Cloud (GCP) Information Systems Security Engineer (ISSE) to support security engineering execution for a mission-critical, cloud-hosted defense system. This is a high-visibility engagement with frequent change, heavy stakeholder involvement, and a system treated as a high-value target. This is not a “paper security” role. We need a team player who is a mission-focused operator, who can translate security requirements into real implementations, drive engineering outcomes under pressure, and deliver customer-ready technical work with minimal oversight.

If you are a hands-on builder who can translate NIST/DoD requirements into implemented controls in cloud and Kubernetes environments, automate repeatable validation, and deliver customer-ready technical outputs under pressure with minimal oversight, please apply!

• Design, implement, and validate security controls for cloud-hosted and hybrid systems in support of DoD RMF objectives and continuous monitoring needs
• Translate security requirements (NIST SP 800-53, CNSS policy, DoD Cloud Computing SRG, applicable AI guidance) into actionable engineering tasks and secure architecture patterns. Conduct security architecture reviews and security engineering analysis for cloud-native and containerized workloads hosted in Google Cloud Platform (GCP)
• Engineer and validate security controls associated with Kubernetes, Docker, and container orchestration platforms within GCP (e.g., identity, network segmentation, secrets, supply chain controls, logging/auditing)
• Implement and operationalize cloud security fundamentals including IAM design, encryption/KMS, network controls, secure service configuration, and centralized logging/monitoring
• Support secure SDLC/Dev Sec Ops  practices: CI/CD security controls, artifact integrity, configuration-as-code, vulnerability scanning integration, and secure release gating. Perform threat modeling, vulnerability assessments, and risk analysis; produce clear mitigation plans and validate corrective actions
• Support DISA STIG implementation/validation and hardening baselines, partnering with platform and Dev Sec Ops  teams to ensure sustainable compliance
• Partner with ISSM/ISSO and CND stakeholders to ensure engineering work produces audit-ready evidence and strengthens operational defense (telemetry, detection hooks, response readiness)
• Optimize delivery through automation: build scripts, policy-as-code, validation checks, and responsible AI-enabled workflows to reduce repetitive work and improve quality
• Document designs, decisions, and implementations clearly; provide customer-ready technical briefings and written outputs with minimal editing

• Active Secret or Top-secret clearance
• Role required security certification such as: CISSP-ISSAP, CISSP-ISSEP
• Demonstrated experience as an ISSE/security engineer supporting modern systems in regulated cloud or hybrid environments
• Strong working knowledge of NIST 800-53 control intent and how to implement controls technically (not just document them)
• Hands-on cloud engineering experience (GCP strongly preferred; AWS/Azure acceptable) including IAM, networking, encryption/KMS, logging/monitoring, and secure configuration patterns
• Experience securing containerized platforms (Kubernetes/Docker) and implementing practical controls for workload isolation, admission controls/policy, secrets management, and audit logging
• Experience integrating security into CI/CD and infrastructure-as-code workflows (e.g., automated checks, scanning, gated releases)
• Strong writing and communication skills: able to produce precise, stakeholder-ready technical outputs with minimal oversight
• Demonstrated adoption of automation (scripts, repeatable workflows, and responsible AI-enabled methods) to increase scale, speed, and quality
• Comfort operating in a high-change environment with competing priorities and time-sensitive delivery needs
• Cloud certification (e.g., CCSP or cloud provider security / professional certs such as Google’s Professional Cloud Dev Ops Engineer, Professional Cloud Security Engineer, or Professional Cloud Network Engineer)

If you prefer slow-moving architecture work, stable requirements, or a role limited to documentation and reviews, this will not be a good match with your skills.