NLM Cloud Engineer I

About The Position

Requirements

• 2–4 years of relevant cloud engineering or DevOps experience
• Bachelor's degree or other degree(s) in Computer Science, Information Technology, Engineering, or related fields
• Hands-on experience with cloud platforms (Google Cloud, AWS, and/or Azure) in IaaS, PaaS, and SaaS configurations
• Proficiency with CI/CD tools such as GitLab, GitHub, Nexus, or equivalent platforms
• Experience with containerization and orchestration tools, including Docker, Kubernetes, Anthos, and/or OpenShift
• Working knowledge of Infrastructure as Code (IaC) tools such as Terraform, Ansible, Puppet, and/or AWS CDK
• Familiarity with FISMA compliance requirements and federal cybersecurity frameworks (NIST SP 800-53, NIST SP 800-171)
• Experience with version control systems such as Bitbucket and/or GitLab
• Strong written and oral communication skills; ability to convey technical concepts in plain language

Nice To Haves

• Experience with monitoring and logging tools such as EFK stack, Prometheus, and/or Grafana
• Familiarity with vulnerability scanning and penetration testing tools, including Tenable, Prowler, Netsparker, Checkmark, and/or OWASP
• Experience supporting Authority to Operate (ATO) processes and developing System Security Plans (SSPs)
• Knowledge of Identity and Access Management (IAM) and cloud account administration in commercial cloud environments
• Experience with distributed computing systems and batch queuing software, including open-source map/reduce frameworks (e.g., Hadoop)
• Familiarity with database technologies such as RDS, MySQL, MongoDB, MS SQL, PostgreSQL, and/or Elasticsearch
• Experience with ticketing and documentation systems such as JIRA, ServiceNow, and/or Confluence Wiki
• Knowledge of FedRAMP requirements and secure remote access administration
• Prior experience supporting NIH, HHS, or other federal government IT environments
• Relevant certifications such as AWS Certified Solutions Architect, Google Cloud Professional, Microsoft Azure Administrator, or CompTIA Security+

Responsibilities

• Recommend, deploy, and manage version control systems; support NLM's use of Bitbucket, GitLab, and other platforms as needed
• Implement and administer CI/CD pipelines for all approved development frameworks at NLM, utilizing tools such as GitLab, GitHub, TeamSite, Nexus, Kubernetes, Ansible, and Terraform
• Recommend and configure Infrastructure as Code (IaC) tools to support scalable, repeatable deployments
• Implement, administer, and support cross-datacenter deployments using Docker and other containerization tools
• Set up, administer, and maintain elastic and cost-efficient container orchestration environments using Kubernetes, Anthos, and/or OpenShift
• Provide monitoring and logging capabilities to collect, store, and analyze data on application performance and infrastructure availability using EFK stack, Prometheus, Grafana, and other tools
• Recommend and configure vulnerability scanners and penetration testing tools; conduct ongoing vulnerability assessments and threat identification using Tenable, Prowler, Netsparker, Checkmark, and OWASP
• Provide day-to-day cloud operations support, including secure remote access administration, compute and cost model analysis, and implementation of selected cloud solutions
• Support cybersecurity and risk management activities across NLM enterprise systems, including application, network, system, and database security; resolve identified software, firmware, system, and hardware vulnerabilities within prescribed timeframes
• Assist the Government in creating, developing, and maintaining Authority to Operate (ATO) documentation and System Security Plans (SSPs) on an annual basis and as needed
• Track and manage current known vulnerabilities using Tenable Security Center
• Provide technical support for systems and database design; coordinate and implement open-source software such as Apache server services
• Administer, configure, and maintain distributed computing systems using batch queuing software and open-source map/reduce frameworks
• Provide customer service to internal and external staff; resolve issues in a highly technical environment through clear communication, administer user accounts, monitor system performance, and track problem reports through JIRA, ServiceNow, and/or equivalent ticketing systems
• Create and maintain technical documentation using Confluence Wiki and other tools
• Support cloud development and cloud computing infrastructure for production web services, high-performance computing, and high-throughput processing environments; administer commercial cloud accounts through IAM and monitor cloud resource utilization efficiency
• Assist in implementing, maintaining, and executing computer security practices in accordance with Government FISMA policies, including firewalls, intrusion detection, secure computing environments, and disaster recovery
• Provide technical support and guidance to development teams for migration to and utilization of the DevOps platform
• Ensure compliance with organizational security and privacy policies, protect sensitive data and systems, report security incidents within required timeframes (no later than one hour of discovery), and participate in required annual cybersecurity and privacy training per HHS/NIH requirements
• Implement secure coding best practices as directed by US-CERT standards and OWASP guidelines

Benefits

• full health and dental for you and your dependents
• retirement and HSA accounts
• short- and long-term disability insurance
• life and accident insurance
• paid time off
• 11 federal holidays