NLM Cloud Engineer II

About The Position

Requirements

• 6 years of relevant cloud engineering or DevOps experience
• Bachelor's degree or other degree(s) in Computer Science, Information Technology, Engineering, or related fields
• Hands-on experience with cloud platforms including AWS, Google Cloud (GC), and/or Microsoft Azure in IaaS, PaaS, and SaaS configurations
• Proficiency with container orchestration tools such as Kubernetes, Anthos, and/or OpenShift
• Experience implementing and administering CI/CD pipelines using tools such as GitLab, GitHub, Nexus, Ansible, and/or Terraform
• Working knowledge of Infrastructure as Code (IaC) tools including Terraform, Ansible, Puppet, and/or AWS CDK
• Experience with containerization platforms such as Docker and related cross-datacenter deployment technologies
• Familiarity with Federal Information Security Modernization Act (FISMA) requirements and the ability to assist with Authority to Operate (ATO) documentation and System Security Plans (SSPs)
• Experience with monitoring and logging tools such as EFK stack, Prometheus, and/or Grafana
• Proficiency with vulnerability scanning and security assessment tools such as Tenable Security Center, Prowler, Netsparker, Checkmarx, and/or OWASP
• Strong written and oral communication skills; ability to convey complex technical information in plain language

Nice To Haves

• Experience supporting cloud operations within a Federal government or NIH/HHS environment
• Familiarity with distributed computing frameworks such as Hadoop and batch queuing systems
• Experience with database technologies including RDS, MySQL, MongoDB, MS SQL, PostgreSQL, and/or Elasticsearch
• Knowledge of Identity and Access Management (IAM) for commercial cloud accounts and multi-cloud environments
• Experience with version control systems such as Bitbucket and/or GitLab
• Familiarity with ticketing and documentation systems such as JIRA, ServiceNow, and Confluence Wiki
• Understanding of NIST SP 800-53, NIST SP 800-171, and related federal cybersecurity standards
• Experience supporting Privacy Impact Assessments (PIA) and Privacy Threshold Analyses (PTA)
• Familiarity with open-source server technologies such as Apache and related services
• Relevant certifications such as AWS Certified Solutions Architect, Google Professional Cloud Engineer, Microsoft Azure Administrator, or equivalent

Responsibilities

• Recommend, deploy, and manage version control systems including Bitbucket, GitLab, and GitHub
• Implement and administer CI/CD pipelines for all approved development frameworks at NLM
• Configure and maintain Infrastructure as Code (IaC) tools including Terraform, Ansible, Puppet, and CDK
• Implement, administer, and support cross-datacenter containerized deployments using Docker and related tools
• Set up and maintain elastic and cost-efficient orchestration environments using Kubernetes, Anthos, and OpenShift
• Provide monitoring and logging capabilities to collect, store, and analyze performance and availability data across software applications and infrastructure
• Configure and manage vulnerability scanners and penetration testing tools to ensure the security of applications and infrastructure
• Provide technical support and guidance to development teams migrating to and utilizing the DevOps platform
• Provide day-to-day cloud operations support, including administration of cloud computing, storage, and service platforms; analyze compute and cost models and implement selected cloud solutions
• Support cybersecurity and risk management across the NLM enterprise, including resolving software, firmware, and hardware vulnerabilities identified through regular security scanning
• Assist the Government in creating, developing, and maintaining Authority to Operate (ATO) documentation and System Security Plans (SSPs)
• Track and manage current known vulnerabilities using Tenable Security Center and other approved tools
• Provide technical support for systems and database design, coordinating and implementing open-source software such as Apache server services
• Administer, configure, and maintain distributed computing systems using batch queuing software and open-source map/reduce frameworks such as Hadoop
• Support cloud development and infrastructure for production web services, high-performance computing, and high-throughput processing environments
• Assist in implementing and maintaining FISMA computer security practices, including firewalls, intrusion detection, secure computing environments, and disaster recovery
• Conduct ongoing vulnerability assessments and threat identification, presenting results and ensuring resolution within prescribed time limits
• Provide customer service to internal and external staff, resolving issues in a highly technical environment through clear, accessible communication
• Ensure compliance with organizational security and privacy policies, protect sensitive data and systems, report security incidents, and participate in required HHS/NIH cybersecurity and records management training
• Ensure all work complies with HHS, NIH, NLM, and LHNCBC security and operational policies

Benefits

• full health and dental for you and your dependents
• retirement and HSA accounts
• short- and long-term disability insurance
• life and accident insurance
• paid time off
• 11 federal holidays