[Remote] Site Reliability Engineer (Google Cloud Platf
Note: The job is a remote job and is open to candidates in USA. Quzara LLC is a company focused on providing secure cloud solutions, and they are seeking a Site Reliability Engineer specialized in Google Cloud Platform. The role involves designing, operating, and securing GCP environments while ensuring compliance with federal regulations and automating infrastructure to enhance reliability and security.ResponsibilitiesDesign, build, and operate secure GCP cloud foundations and landing zones for federal and regulated environments, including organization hierarchy, policy guardrails, Assured Workloads, and Cloud Foundation Toolkit-based deployment patternsEngineer and maintain secure GCP network architectures, including Shared VPC, hub-and-spoke topology, VPC Service Controls, Access Context Manager, Private Google Access, Private Service Connect, Cloud NGFW, Cloud Armor, load balancing, DNS, NAT, VPN, and Interconnect under least-exposure principlesImplement and administer identity, access, privileged access, and encryption controls, including least-privilege IAM, custom roles, IAM Conditions, deny policies, service-account hygiene, Workload Identity Federation, Privileged Access Manager, Access Approval, Access Transparency, BeyondCorp Enterprise, IAP, Cloud KMS, Cloud HSM, CMEK, and Cloud EKMDevelop and operate security monitoring, threat detection, and response capabilities using Chronicle/Google Security Operations, Security Command Center, curated detections, YARA-L, threat intelligence, SOAR playbooks, telemetry pipelines, and integration with MDR/SOC workflowsBuild and maintain logging, audit, observability, and reliability capabilities using Cloud Audit Logs, aggregated log sinks, retention policies, BigQuery/Chronicle exports, Cloud Monitoring, Cloud Logging, dashboards, uptime checks, SLIs/SLOs, alerting, on-call operations, incident response, and blameless postmortemsSecure and operate cloud workloads and platforms, including Sensitive Data Protection/Cloud DLP for CUI discovery and de-identification, hardened GKE environments, Workload Identity, Shielded/Confidential nodes, network policy, GKE Policy Controller, Binary Authorization, and secure Artifact Registry image promotionAutomate infrastructure, security, compliance, and reliability operations using Terraform, Infrastructure Manager, Cloud Foundation Toolkit, policy-as-code, secure CI/CD pipelines, Cloud Build, Cloud Deploy, and scripting in Python, Go, or Bash to reduce manual work and operational toilTranslate federal security and compliance requirements into GCP configurations and audit-ready evidence, including NIST SP 800-53, NIST SP 800-171, FedRAMP, CMMC, control inheritance, customer responsibility matrices, RMF/FedRAMP authorization support, and assessor/AO documentationPartner directly with customers and internal stakeholders to communicate technical requirements, operational risks, compliance expectations, and implementation status to both technical and non-technical audiencesOther duties as assignedSkillsBachelor's degree in Computer Science, Cybersecurity, Information Systems, Computer Engineering, or a related field5+ years of hands-on cloud engineering, site reliability engineering (SRE), or cloud security experience, including 3+ years building and operating production Google Cloud Platform (GCP) environmentsDemonstrated experience designing and operating GCP landing zones / cloud foundations, network segmentation, and VPC Service ControlsHands-on experience with Chronicle (Google Security Operations) and Security Command CenterStrong knowledge of GCP IAM, encryption / CMEK (Cloud KMS), and Assured Workloads for regulated environmentsExperience operating production systems with an SRE mindset — observability (Cloud Monitoring / Cloud Logging), SLOs, on-call, and incident responseWorking knowledge of at least one federal control framework (NIST SP 800-53, NIST SP 800-171, FedRAMP, or CMMC)Proficiency building infrastructure as code with Terraform (Infrastructure Manager / Cloud Foundation Toolkit) and at least one scripting language (Python, Go, or Bash)Proven ability to produce audit-ready documentation and translate technical configurations into compliance evidenceStrong written and verbal communication skills with the ability to clearly convey complex informationDemonstrated ability to manage multiple projects and deadlines with strong organizational skillsMust be a U.S. Citizen and hold an active U.S. government Secret (or higher) security clearanceGoogle Professional Cloud Security EngineerGoogle Professional Cloud DevOps Engineer or Professional Cloud Network EngineerGoogle Professional Cloud ArchitectCISSP, CCSP, or similar cybersecurity certificationFedRAMP, RMF, or CMMC-related training or certifications are a plusCompany OverviewQuzara is a DC-Based Cybersecurity firm. We are US Government SBA 8(a) Certified, WOSB and GSA HAC SINS approved in every category. It was founded in 2015, and is headquartered in Vienna, Virginia, USA, with a workforce of 11-50 employees. Its website is https://www.quzara.com.