Cloud Solution Architect (Federal)

About The Position

Requirements

• 10+ years designing distributed systems, enterprise infrastructure, and application architectures
• 5+ years architecting solutions in AWS, Azure, or GCP (GovCloud/Government preferred)
• Experience supporting RMF, FedRAMP, and DISA SRG compliance
• Hands-on experience with Kubernetes and Infrastructure as Code
• Active DoD Secret clearance (TS preferred)

Nice To Haves

• AWS Solutions Architect – Professional
• Microsoft Azure Solutions Architect Expert
• Certified Kubernetes Administrator (CKA)
• Certified Cloud Security Professional (CCSP) or CISSP
• FinOps Certified Practitioner

Responsibilities

• Cloud Architecture & Engineering: Design and implement provider-specific architectures in AWS GovCloud and Azure Government, including landing zones, subscription/account strategy, hub-and-spoke networking, private connectivity, and cross-domain integration. Define reference architectures for microservices, event-driven systems, API gateways, and service mesh.
• Zero Trust & Cloud Security: Develop Zero Trust cloud architectures integrating ICAM, conditional access, microsegmentation, and continuous monitoring. Implement security services including CSPM, CWPP, SIEM/SOAR integration, and cloud-native threat detection. Ensure compliance with NIST 800-53, DISA SRG, and DoD IL requirements.
• DevSecOps & Platform Engineering: Establish accredited DevSecOps pipelines using Infrastructure as Code (Terraform, Bicep, CloudFormation) and policy as code. Architect container platforms (Kubernetes/EKS/AKS) and internal developer platforms that enable secure, automated application delivery.
• Cloud Migration & Modernization: Lead application rationalization and migration using the 7R framework. Develop wave plans, data migration strategies, and legacy system modernization approaches including replatforming and refactoring to cloud-native services.
• ATO & RMF Enablement: Produce cloud boundary diagrams, control inheritance models, and SSP artifacts to support RMF authorization. Integrate automated evidence collection and continuous ATO capabilities.
• Data, Analytics & AI Platforms: Architect secure data lake/lakehouse solutions and enable AI/ML workloads with GPU/HPC support in controlled enclaves. Implement secure data sharing and data fabric patterns.
• FinOps & Cost Optimization: Define tagging strategies, cost allocation models, and TCO analyses. Implement automated cost controls and usage optimization aligned with mission funding models.
• Observability & Resilience: Design enterprise logging, monitoring, and AIOps strategies. Define SLIs/SLOs, multi-region DR, backup, and continuity architectures.
• Stakeholder Engagement: Advise senior government and program leadership on cloud strategy, technology selection, and risk tradeoffs. Lead technical governance boards and architecture reviews.