Cloud Network Security Architecture Manager (TIC 3.0)

About The Position

Requirements

• Bachelor’s degree or equivalent experience.
• 10+ years in cloud, network, or platform engineering within enterprise or federal environments.
• 3+ years leading AWS/Azure hybrid or multi cloud architectures.
• Experience supporting federally regulated cloud/network environments.
• Ability to support 24×7×365 TIC operations and incident response bridges.
• Strong knowledge of NIST 800 53/RMF, Zero Trust, TIC 3.0, FedRAMP, and continuous monitoring.
• Hands on experience with cloud networking, IAM/Entra ID, VPC/VNet design, SD WAN, DNS, NAT, and firewalls.
• Familiarity with IaC/automation (Terraform, CloudFormation/Bicep, Ansible) and CI/CD pipelines.
• Experience with Kubernetes/OpenShift architectures, observability tools, and log analytics/SIEM platforms.
• Ability to lead multi vendor/SIAM coordination, cross domain changes, and compliance remediation.
• Public Trust clearance required.
• Hybrid position in Martinsburg, WV or Austin, TX.
• Visa sponsorship will not be provided for this position.

Nice To Haves

• AWS Solutions Architect – Professional
• Azure Solutions Architect Expert
• VMware Certified Professional
• CKA/CKAD or OpenShift Administrator
• Terraform Associate

Responsibilities

• Lead secure cloud and network architecture design across AWS, Azure, and VA enterprise environments.
• Oversee TIC 3.0 modernization, gateway operations, DNS filtering, SSL decryption, and IPS/IDS signature management.
• Manage security, compliance, and performance for multi cloud and hybrid network environments.
• Coordinate with engineering, cybersecurity, and operations teams to align solutions with VA policies and mission objectives.
• Communicate risks, technical impacts, and architecture decisions to leadership and stakeholders.
• Evaluate emerging technologies, conduct pilots, assess vendor solutions, and recommend modernization approaches.
• Provide Tier IV escalation support for cloud network security, gateway, and telecom issues.
• Produce security and TIC reporting, vulnerability summaries, and compliance updates.
• Oversee external connection approvals, VPN/BPE lifecycle, audits, and configuration reviews.
• Lead technical refresh, gateway redesign, and next generation TIC/gateway implementation.
• Mentor engineering staff and promote adoption of secure architecture practices.
• Support development of functional requirements, technical documentation, and test/validation plans.

Benefits

• Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match.
• To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.
• To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available.
• We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.