This remote role involves leading the end-to-end design and governance of enterprise-grade Google Cloud Platform (GCP) environments, with a focus on Criminal Justice Information (CJI) systems and compliance with CJIS Security Policy. The position requires deep technical expertise in secure cloud architecture, regulatory alignment, and scalable infrastructure for US public sector clients.
Responsibilities
- Design and govern complex GCP environments, including multi-project hierarchies, hybrid and multi-cloud connectivity, data platforms, AI/ML workloads, and operational best practices.
- Establish reference architectures, landing zones, and foundational patterns using GCP best practices such as Organization Policy Service, Shared VPC, VPC Service Controls, and Assured Workloads.
- Implement zero-trust security models with Identity-Aware Proxy, BeyondCorp Enterprise, CMEK encryption, Binary Authorization, and Confidential Computing to meet CJIS compliance.
- Create high-availability and disaster recovery solutions using multi-region deployments, Cloud Interconnect, Global Load Balancing, and Backup services.
- Drive cost optimization through FinOps strategies, including billing budgets, usage discounts, and analytics via BigQuery exports.
- Translate regulatory, technical, and business requirements into actionable GCP blueprints and decision frameworks tailored for Texas state agencies.
- Collaborate with security teams and stakeholders to align designs with TxRAMP, NIST 800-53, CJIS, and state data classification standards.
- Lead architecture reviews, threat modeling, and compliance gap assessments during cloud migrations and modernization initiatives.
- Document architecture decisions, security control mappings, and audit-ready compliance packages.
- Mentor engineering teams and maintain awareness of GCP roadmap updates, Google Cloud for Government enhancements, and evolving compliance requirements.
Requirements
- Minimum of 8 years of professional experience in cloud architecture, with at least 5 years focused on Google Cloud Platform in enterprise or production environments.
- Demonstrated experience designing secure and compliant GCP architectures for regulated sectors such as government, healthcare, or finance, particularly under CJIS or FedRAMP standards.
- Extensive knowledge across core GCP domains: infrastructure, data analytics, security, operations, application modernization, and AI/ML services.
- Strong understanding of zero-trust security, encryption, network controls like VPC Service Controls, and observability through logging and monitoring pipelines.
- Proficiency with Infrastructure as Code tools, especially Terraform, and experience with CI/CD automation and cloud deployment frameworks.
- Must be a US citizen or permanent resident eligible to work in the United States.
- Required to pass and renew annually an FBI CJIS fingerprint-based background check.
- Commitment to completing CJIS security training and adhering to personnel screening and access control protocols.
- Ability to obtain and maintain security clearances and role-based access under DIR PCM and CJIS policies.
- No disqualifying criminal history per FBI CJIS standards.
- Availability to support a 24x7 production environment as needed.
Nice to Have
- Experience designing architectures for Google Cloud for Government or Assured Workloads in regulated data environments.
- Familiarity with public sector contracts, authorization lifecycles, and multi-cloud governance models.
- Prior experience supporting state agencies, criminal justice organizations, or public safety cloud programs.
- Knowledge of advanced GCP services such as Anthos Service Mesh, Confidential VMs, BeyondCorp Enterprise, Cloud Healthcare API, and Vertex AI.
- Experience presenting to executives, leading architecture review boards, or contributing to RFP/RFI responses.
- Bachelor’s degree in Computer Science, Information Systems, Engineering, or equivalent practical experience.
- Google Cloud Professional Cloud Architect certification is mandatory.
- Google Cloud Professional Security Engineer certification is preferred.
- Google Cloud Professional DevOps Engineer or Professional Data Engineer certification is strongly recommended.
Tech Stack
Google Cloud Platform (GCP), Terraform, Deployment Manager, Cloud Foundation Toolkit, Organization Policy Service, Folders, Projects, Shared VPC, VPC Service Controls, Access Context Manager, Assured Workloads, Google Cloud for Government, CMEK, Identity-Aware Proxy (IAP), BeyondCorp Enterprise, Binary Authorization, Confidential Computing, Security Command Center Premium, Chronicle SIEM, Cloud Interconnect, Partner Interconnect, Cloud DNS, Global Load Balancing, Backup and DR services, Billing Budgets
Benefits
- Medical, dental, and vision insurance coverage
- Flexible spending or health savings account options
- Life and accidental death & dismemberment (AD&D) insurance
- Short-term and long-term disability protection
- Paid time off
- Employee assistance program
- 401k plan with company matching contributions
- Additional voluntary or legally mandated benefits
Compensation
Starting pay range: $104,000 - $154,000 yearly or up to $100/hr for temporary positions. Actual compensation varies based on experience, technical skills, and qualifications. Incentive compensation may be available based on individual and/or company performance, excluding temporary roles.
Work Arrangement
Remote in US — Remote work available; however, arrangements may change based on client requirements. In-office attendance may be required for meetings or events depending on business needs.
Team
Cross-functional team including DIR PCM program leadership, agency stakeholders, security teams, and delivery engineers.
- Inclusive
- Adaptable
- Forward-thinking
- Committed to responsible innovation
- Flexible and responsive to evolving client and employee needs
Additional Information
- Applicant must be a US citizen or Green card holder to apply.
- FBI CJIS background check is required every 12 months.
- CJIS security awareness training and adherence to personnel screening protocols are mandatory.
- Ability to obtain and maintain required security clearances or access privileges under DIR PCM and CJIS Security Policy.
- No disqualifying criminal history as defined by FBI CJIS standards.
- Position supports a 24x7 operations production support model.
- Incentive compensation may be available based on performance, not applicable to temporary roles.
- Company benefits vary depending on the nature of the role offered.
Not available
