Cloud Systems Engineer (Automation / IaC)

About The Position

Requirements

• 3 to 6 years of progressive, hands-on experience in cloud infrastructure engineering with a strong focus on automation and IaC.
• Bachelor’s degree in Computer Science, Information Systems, Systems Engineering, or a related field. Relevant experience may substitute.
• Strong proficiency in Terraform for multi-cloud infrastructure provisioning; experience with module design, state management (remote backends), and workspace strategies.
• Hands-on experience with Ansible for configuration management, OS hardening, and application deployment automation.
• Proficiency in Python and/or Bash for infrastructure scripting, automation tooling, and API integration.
• Working knowledge of cloud infrastructure services across AWS, Azure, and/or GCP — compute, networking, storage, IAM, and managed platform services.
• Experience with GitOps practices and integrating IaC into CI/CD pipelines.
• Understanding of container orchestration (Kubernetes/EKS/AKS/GKE) and IaC patterns for containerized workloads.
• Knowledge of policy-as-code approaches (OPA, Sentinel, AWS Config, or Azure Policy) for compliance enforcement.
• Solid understanding of FedRAMP, FISMA, NIST 800-53, and STIG requirements as they apply to cloud infrastructure automation.
• U.S. Citizenship and the ability to obtain and maintain a DHS suitability / Public Trust clearance.

Nice To Haves

• HashiCorp Certified: Terraform Associate or Professional.
• AWS Certified SysOps Administrator, AWS Certified DevOps Engineer, Azure Administrator Associate, or equivalent GCP certification.
• Red Hat Certified Engineer (RHCE) or equivalent Ansible certification.
• Security+ or equivalent DoD 8570 baseline certification.
• Federal cloud infrastructure automation experience.
• Active Public Trust or higher clearance.

Responsibilities

• Design, develop, and maintain reusable Terraform modules and Ansible playbooks for provisioning and configuring cloud infrastructure across AWS, Azure, and GCP under FedRAMP High authorization.
• Implement GitOps workflows for infrastructure change management — version-controlled, peer-reviewed, and pipeline-enforced — integrated with CI/CD tooling (Harness, GitHub Actions, or equivalent).
• Automate system configuration, OS hardening, and STIG compliance enforcement using Ansible and Python scripting; develop idempotent playbooks that run cleanly in both initial provisioning and drift remediation contexts.
• Manage cloud infrastructure state and drift detection; implement automated alerting and remediation for configuration deviations from approved baselines.
• Build and maintain infrastructure automation for compute, networking, storage, and IAM components across multi-cloud environments, including VPCs, subnets, security groups, managed databases, and container platforms.
• Support the integration of policy-as-code tools (OPA, Sentinel, or AWS Config Rules) to enforce compliance guardrails within the provisioning pipeline.
• Implement infrastructure monitoring, health checks, and self-healing automation using cloud-native monitoring services and scripting.
• Collaborate with Security and Compliance teams to ensure IaC templates meet NIST 800-53, FedRAMP, and DHS 4300A control requirements; contribute to ATO evidence and documentation.
• Participate in operational support rotations; respond to infrastructure incidents, perform root cause analysis, and implement preventive automation.
• Develop and maintain infrastructure documentation, architecture decision records, and runbooks in client's Architecture Repository standards.

Benefits

• Health Care Plan (Medical, Dental & Vision)
• Retirement Plan (401k, IRA)
• Life Insurance (Basic, Voluntary & AD&D)
• Paid Time Off (Vacation, Sick & Public Holidays)
• Family Leave (Maternity, Paternity)
• Short Term & Long Term Disability
• Training & Development
• Work From Home
• Wellness Resources
• Employee Bonus Programs