Director - Secure Cloud Hosting (AWS/Azure)

About The Position

Requirements

• 10+ years in cloud/platform engineering or operations
• 5+ years leading multidisciplinary teams in a 24x7 environment, including direct leadership of Staff/Principal Architects.
• Proven ability to drive IaC adoption and automation in regulated or security-sensitive organizations.
• Track record directing teams delivering with IaC (e.g., Terraform, Bicep, Pulumi, CloudFormation, AWS CDK) and policy-as-code; able to set standards, review designs, and enforce guardrails.
• Architectural depth across AWS and Azure (identity, networking, security, compute, storage, data protection) with the ability to evaluate designs, set guardrails, and make trade‑offs.
• Demonstrated experience governing landing zones, guardrails, and policy‑as‑code in client‑facing accounts, including readiness criteria and auditability.
• Strong command of ITIL 4 and SRE practices; instituted operating mechanisms (CAB, incident/post‑incident reviews, error budgets) that improved MTTR and change success rate.
• Security/compliance depth: NIST 800‑53, ISO 27001 (evidence management and continuous control monitoring expectations).
• FinOps leadership: cost governance, optimization, showback/chargeback, and executive reporting.
• Excellent stakeholder management: executive communication, QBRs, risk/ROI storytelling, and cross‑functional alignment.
• Experience leading organizational change (e.g., IaC adoption, SRE, AI‑Ops) with clear OKRs/SLOs and adoption metrics.
• Proven ability to build, develop, and succession‑plan multi‑disciplinary teams; attracts and scales talent in high‑growth, regulated environments.

Nice To Haves

• Experience defining strategy and measurable use cases for AI in operations (e.g., AWS Bedrock, Azure AI Foundry) across automation, observability, and compliance.
• Understanding of AI governance, model security, and responsible AI practices in regulated environments.
• Familiarity with FedRAMP for government workloads.

Responsibilities

• Define and own the multiyear service roadmap (landing zones, guardrails, automation, observability, DR, FinOps) and prioritize investments that advance reliability, security, and cost efficiency.
• Set SLO/SLA policy and institutionalize SRE practices (error budgets, reliability guardrails, automated remediation) through operating mechanisms and dashboards.
• Establish and approve reference architectures, templates, and IaC standards; ensure adoption across teams and vendors.
• Direct cloud governance (AWS Orgs/SCPs; Azure Mgmt Groups/Policy; tagging & cost allocation) and audit adherence.
• Define the strategy for AI‑driven automation and observability (e.g., Bedrock, Azure AI Foundry) and sequence use‑cases that deliver measurable impact.
• Oversee onboarding of new client environments (landing zones, identity, networking, policy‑as‑code, baselines); approve readiness criteria and cutover.
• Be accountable for day‑to‑day operations outcomes (patching, backups/restore, capacity, performance, monitoring/alerting) delivered by teams and vendors, with clear KPIs and review cadences.
• Govern ITIL 4 processes (incident, change/CAB, problem, request) with targets for MTTR, change success rate, and RCA quality.
• Ensure a 24/7 support model (runbooks/playbooks, on‑call rotations) is funded, staffed, tested, and reviewed via post‑incident governance; mandate chaos engineering and DR test schedules with executive readouts.
• Champion integration of AI agents into operations; approve guardrails for automated remediation and anomaly detection.
• Ensure defensible controls aligned to NIST 800‑53, ISO 27001, SOC 2, and (where applicable) FedRAMP, with continuous control monitoring and evidence management.
• Oversee vulnerability management, detection/response, log aggregation, key/secret management, and PAM; set risk thresholds and remediation SLAs.
• Direct continuous compliance via AWS Config, Azure Policy, CIS Benchmarks, Well‑Architected/CAF; review exceptions and drive closure.
• Partner with Security/Compliance leadership on audits, findings, and corrective action plans.
• Govern secure AI workload deployment and ensure adherence to emerging AI governance frameworks with NIST/ISO/FedRAMP alignment.
• Make IaC the default operating model and hold teams accountable for compliant, automated delivery.
• Set direction and approve architectures for Terraform/Bicep/Pulumi/CloudFormation/CDK; ensure secure automation and traceability.
• Ensure CI/CD pipelines (GitHub Actions, Azure DevOps, AWS CodePipeline) implement policy‑as‑code, scanning, and segregation of duties.
• Establish standards, reusable modules, and best practices; sponsor enablement and coaching programs for teams.
• Champion AI‑assisted IaC validation and enforcement to accelerate secure deployments.
• Be accountable for end‑to‑end observability (CloudWatch, Azure Monitor, Datadog/Prometheus/Grafana, APM/trace, SIEM) with tiered standards by criticality.
• Approve golden signals and SLO dashboards; require auto‑remediation where feasible and review trend reports.
• Direct AI‑driven observability strategy for predictive alerting and noise reduction; track alert fatigue and burn rate.
• Own cost governance through budgets/forecasts, rightsizing, reservations/savings plans, anomaly detection, and showback/chargeback executed by FinOps and engineering.
• Establish and enforce tagging & cost allocation policy; publish executive reports and drive optimization guardrails that protect reliability and security.
• Track unit economics (cost‑to‑serve per workload/tenant) and improve over time through design standards and lifecycle management.
• Build trusted relationships with executives, business leaders, application owners, and client stakeholders; run QBRs and roadmap reviews tied to outcomes.
• Manage cloud provider and vendor partnerships; escalate and influence roadmaps/support aligned to your strategy.
• Lead and develop a multi‑disciplinary organization (ops, engineering, admins, PMO, security, ITSM); recruit, coach, set goals, and succession‑plan.
• Foster a culture of accountability, automation‑first, and continuous improvement; recognize performance and address gaps.

Benefits

• ICF is a global advisory and technology services provider, but we’re not your typical consultants. We combine unmatched expertise with cutting-edge technology to help clients solve their most complex challenges, navigate change, and shape the future. We can only solve the world's toughest challenges by building a workplace that allows everyone to thrive. We are an equal opportunity employer. Together, our employees are empowered to share their expertise and collaborate with others to achieve personal and professional goals. For more information, please read our EEO policy. We will consider for employment qualified applicants with arrest and conviction records. Reasonable Accommodations are available, including, but not limited to, for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process. To request an accommodation, please email [email protected] and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. Read more about workplace discrimination rights or our benefit offerings which are included in the Transparency in (Benefits) Coverage Act. Candidate AI Usage Policy At ICF, we are committed to ensuring a fair interview process for all candidates based on their own skills and knowledge. As part of this commitment, the use of artificial intelligence (AI) tools to generate or assist with responses during interviews (whether in-person or virtual) is not permitted. This policy is in place to maintain the integrity and authenticity of the interview process. However, we understand that some candidates may require accommodation that involves the use of AI. If such an accommodation is needed, candidates are instructed to contact us in advance at [email protected]. We are dedicated to providing the necessary support to ensure that all candidates have an equal opportunity to succeed. Pay Range - There are multiple factors that are considered in determining final pay for a position, including, but not limited to, relevant work experience, skills, certifications and competencies that align to the specified role, geographic location, education and certifications as well as contract provisions regarding labor categories that are specific to the position. The pay range for this position based on full-time employment is: $191,339.00 - $325,277.00 Reston, VA (VA30) Need help? We're here: [email protected] About ICF ICF is a global consulting and technology services company with approximately 9,000 employees, but we are not your typical consultants. At ICF, business analysts and policy specialists work together with digital strategists, data scientists and creatives. We combine unmatched industry expertise with cutting-edge engagement capabilities to help organizations solve their most complex challenges. Since 1969, public and private sector clients have worked with ICF to navigate change and shape the future. Learn more at icf.com.