Apply on Employer Site

TDI (Tetrad Digital Integrity) · 1 day ago

DoW GCP Information Systems Security Engineer (ISSE)

Washington, DC

Full-time

Onsite

Senior Level

Tetrad Digital Integrity (TDI) is hiring a DoW Cloud (GCP) Information Systems Security Engineer (ISSE) to support security engineering for a critical cloud-hosted defense system. The role involves translating security requirements into implementations, driving engineering outcomes, and delivering technical work with minimal oversight.

Cyber SecurityNetwork SecuritySecurity

Growth Opportunities

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Design, implement, and validate security controls for cloud-hosted and hybrid systems in support of DoD RMF objectives and continuous monitoring needs

Translate security requirements (NIST SP 800-53, CNSS policy, DoD Cloud Computing SRG, applicable AI guidance) into actionable engineering tasks and secure architecture patterns

Conduct security architecture reviews and security engineering analysis for cloud-native and containerized workloads hosted in Google Cloud Platform (GCP)

Engineer and validate security controls associated with Kubernetes, Docker, and container orchestration platforms within GCP (e.g., identity, network segmentation, secrets, supply chain controls, logging/auditing)

Implement and operationalize cloud security fundamentals including IAM design, encryption/KMS, network controls, secure service configuration, and centralized logging/monitoring

Support secure SDLC/DevSecOps practices: CI/CD security controls, artifact integrity, configuration-as-code, vulnerability scanning integration, and secure release gating

Perform threat modeling, vulnerability assessments, and risk analysis; produce clear mitigation plans and validate corrective actions

Support DISA STIG implementation/validation and hardening baselines, partnering with platform and DevSecOps teams to ensure sustainable compliance

Partner with ISSM/ISSO and CND stakeholders to ensure engineering work produces audit-ready evidence and strengthens operational defense (telemetry, detection hooks, response readiness)

Optimize delivery through automation: build scripts, policy-as-code, validation checks, and responsible AI-enabled workflows to reduce repetitive work and improve quality

Document designs, decisions, and implementations clearly; provide customer-ready technical briefings and written outputs with minimal editing

Qualification

GCPNIST 800-53KubernetesSecurity CertificationCI/CD SecurityCloud Security FundamentalsContainer SecurityAutomationHigh-Change EnvironmentCommunication Skills

Required

Active Secret or Top-secret clearance

Role required security certification such as: CISSP-ISSAP, CISSP-ISSEP

Demonstrated experience as an ISSE/security engineer supporting modern systems in regulated cloud or hybrid environments

Strong working knowledge of NIST 800-53 control intent and how to implement controls technically (not just document them)

Hands-on cloud engineering experience (GCP strongly preferred; AWS/Azure acceptable) including IAM, networking, encryption/KMS, logging/monitoring, and secure configuration patterns

Experience securing containerized platforms (Kubernetes/Docker) and implementing practical controls for workload isolation, admission controls/policy, secrets management, and audit logging

Experience integrating security into CI/CD and infrastructure-as-code workflows (e.g., automated checks, scanning, gated releases)

Strong writing and communication skills: able to produce precise, stakeholder-ready technical outputs with minimal oversight

Demonstrated adoption of automation (scripts, repeatable workflows, and responsible AI-enabled methods) to increase scale, speed, and quality

Comfort operating in a high-change environment with competing priorities and time-sensitive delivery needs

Cloud certification (e.g., CCSP or cloud provider security / professional certs such as Google's Professional Cloud DevOps Engineer, Professional Cloud Security Engineer, or Professional Cloud Network Engineer)