
Cloud Security Engineer – GCP Security Engineering, SecOps Enablement
TDI (Tetrad Digital Integrity)
full-time
Location Type: Remote
Location: United States
About the role
- Comply with currently mandated national and DoD-approved policies, directives, architectures, programs, standards, and guidelines.
- Design, implement, and sustain security telemetry/logging architecture in GCP, ensuring high-fidelity signals are collected, normalized, and delivered to the VDSS/SIEM/SOAR stack.
- Own logging coverage and quality for cloud and platform signals, including:
  - Cloud Audit Logs (Admin Activity, Data Access, System Event)
  - IAM/service account activity and privileged actions
  - VPC Flow Logs, load balancer/WAF/proxy signals
  - GKE audit logs and Kubernetes control-plane events
  - Security-relevant application/service logs
- Build detection engineering content: queries, correlation logic, alert rules, and dashboards aligned to cloud threat scenarios (IAM abuse, suspicious API usage, workload compromise, data access anomalies, lateral movement paths).
- Develop automation and guardrails to reduce toil and accelerate investigations/response:
  - API-driven enrichment and evidence capture (e.g., asset inventory, IAM bindings, network path/context, log exports)
  - Repeatable runbooks/workflows and integration into ticketing/notification pipelines
- Partner with teams to implement and validate security controls that improve defensibility:
  - Secure configuration baselines and drift detection
  - Identity and access telemetry improvements
  - Network segmentation signals and policy validation
  - Container/GKE security instrumentation and runtime visibility
- Execute continuous control-health checks and instrumentation validation (telemetry completeness, parsing quality, alert fidelity, logging pipeline reliability).
- Coordinate cleanly with the CSSP: provide engineered signals, detection content, and automation that improves downstream monitoring and response outcomes.
- Produce clear technical deliverables (engineering notes, detection documentation, dashboards/coverage maps, stakeholder-ready updates) with minimal editing.
Requirements
- Active DoD Secret clearance
- Role-required security certification such as: CFR, CCNA Cyber Ops, CCNA-Security, CHFI, CySA+, GCFA, GCIH, SCYBER
- Demonstrated experience in cloud security engineering or security-focused platform engineering in enterprise/mission environments
- GCP strongly preferred (AWS/Azure acceptable with ability to ramp quickly in GCP)
- Strong proficiency in cloud logging/telemetry design, including integration into VDSS/SIEM/SOAR platforms
- Hands-on experience with automation and APIs (Python/Go/Bash, REST/JSON, gcloud/SDKs) to build repeatable security workflows
- Experience with Kubernetes/container security concepts; ability to instrument and operationalize GKE audit/runtime telemetry.
- Practical incident-response awareness (evidence preservation and containment guidance)
- Strong writing/briefing skills; can deliver precise, customer-ready outputs with minimal oversight.
- Comfort operating in a high-change environment with competing priorities and frequent stakeholder engagement.
- Cloud certification preferred (e.g., CCSP or Google Professional Cloud Security Engineer, Professional Cloud DevOps Engineer, Professional Cloud Network Engineer)
Benefits
- Flexible work arrangements
- Professional development
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
cloud security engineering, security telemetry design, automation, APIs, Python, Go, Bash, Kubernetes, GKE audit telemetry, incident response
Soft Skills
strong writing skills, briefing skills, customer-ready outputs, operating in high-change environments, stakeholder engagement
Certifications
DoD Secret clearance, CFR, CCNA Cyber Ops, CCNA-Security, CHFI, CySA+, GCFA, GCIH, SCYBER, CCSP