Cloud Engineer

Job summary

The Cloud Engineer will lead a team of Tier III system administrators to manage current and future cloud-based applications for the Army Geospatial Center (AGC) in the GovCloud environment, including PaaS and SaaS solutions. This role involves leading data and application migration, providing Tier III support for on-premises systems, and collaborating with cross-functional teams on cybersecurity, vulnerability management, and compliance. The engineer will ensure the application of DISA quarterly STIG releases and analyze results.

Qualifications

• Bachelor's degree in Information Technology or similar, or a high school diploma/GED with 8+ years of related experience, or an equivalent combination of education and experience.
• AWS Solutions Architect certification preferred, or other similar AWS certifications required within 90 days of hire.
• DoD 8140/8570.01-M Baseline IA at IAT II or higher (CCNA Security, CySA+, GICSP, GSE, Security+ CE, or SSCP).
• Active Top Secret/SCI clearance.
• Ability to work 100% on customer site (no telework).
• Hands-on AWS engineering experience and formal training in AWS cloud solutions.
• Knowledgeable in application transport and network infrastructure protocols (SSL/TLS, DNS, DHCP, NTP, SSH, HTTP/S, SMTP, Microsoft AD) and their support.
• Computing environment training or certification in Windows Server, Next Generation Firewall, Microsoft, Red Hat, NetApp, VMware, Broadcom, or Cisco.
• Experience in applying DISA STIGs and SRGs, DoD, Army, and IC policies and procedures.
• Experience with creating POAM milestones, compliance, and ensuring application of DISA quarterly STIG releases and STIG results analysis.
• Ability to understand and remediate IAVAs.
• Experience in building, operating, and maintaining Windows SQL Server 2019, Windows Server 2019, RHEL, and CentOS 7/8/9 servers.
• Configure and manage MS SQL and PostgreSQL databases and apply/assess database STIGs or SRG.
• Experience in managing Active Directory, configuring Windows Network Policy Server, configuring Group Policy Objects (GPO), and applying/assessing operating system, web server, and web application STIGs and SRGs.
• Experience with AWS load balancing, failover, and data replication technologies.
• Operational experience with NIPR, SIPR, JWICS, DDTE, DREN, SDREN, AWS, AWS GovCloud (US), cArmy, milCloud, SC2S, and/or C2S.
• Knowledgeable with SCCM, WSUS, SHAVLIK, and other AWS security cloud tools and patching tools.
• Experience with NetApp storage products and cloud storage (AWS EBS, EFS, S3, S3 IA, FSx, Glacier).
• Experience with systems and data encryption.
• Familiarity with configuring both Cisco and Brocade Fibre Channel switches.

Responsibilities

• Lead a team of Tier III system administrators to manage current and future cloud-based applications for the Army Geospatial Center (AGC) in the GovCloud (cArmy AWS IL4) environment, including Platform as a Service (PaaS) and Software as a Service (SaaS) solutions.
• Lead the migration of data and applications.
• Provide Tier III support for AGC-supported on-premises systems and networks.
• Collaborate with cross-functional teams (cybersecurity, system administrators, desktop support) on continuous monitoring, vulnerability management, remediation, security controls, POAM milestones, and compliance.
• Ensure application of DISA quarterly STIG releases and STIG results analysis.
• Perform system administration support and cloud engineering for AGC’s Impact Level 4 systems in the GovCloud environment.
• Develop and maintain architecture requirements, evaluate candidate cloud services, metrics, supporting documentation, and final reference architecture documents.
• Work with the IA team to obtain cloud accreditation approval under the Risk Management Framework (RMF).
• Perform technical reviews of architecture and design artifacts for consistency with United States Army, DoD, and NIST policy, and alignment with system requirements.
• Install, support, and maintain hardware and software infrastructure (firewalls/security groups, servers, storage systems) according to best practices, industry standards, and customer/organizational requirements.
• Apply appropriate Security Technical Implementation Guides (STIGs) and provide check reports with explanations of results in a government-approved format by DoD.
• Apply and maintain IAVM, SARs, CTO, and other applicable directive compliance by specified timelines.
• Support and maintain operating systems, patches, upgrades, and apply Cyber Security requirements for systems.
• Diagnose problems, solve issues, and provide lessons learned.
• Implement controls and procedures to protect information systems assets from modification, disclosure, destruction, or security compromise.
• Provide network and host-based security, incident response, and log collection and analysis.
• Perform regular patches of supported systems and remediate open vulnerabilities.
• Assist in developing guidelines and procedures for administration and security best practices.
• Monitor resource usage, anticipate problems, and suggest solutions.
• Manage production systems and provide higher-level technical support (Tier III) to clients.

Skills

Certifications

Degrees

Security clearance

Relocation