Senior Cloud Architect

About The Position

Requirements

• Bachelor’s degree in Computer Science, Cybersecurity, Engineering, Information Systems, or related field (or equivalent practical experience).
• 10+ years of experience in enterprise IT/cloud architecture, systems engineering, or network modernization; 5+ years leading technical efforts on large programs.
• Hands‑on expertise with cloud‑integrated network designs, hybrid cloud architectures, and Zero‑Trust patterns.
• Strong experience with IAM/RBAC, Kubernetes/container security, and Linux hardening; working knowledge of Windows hardening.
• Architect secure, scalable Cloud infrastructures and network connectivity.
• Design cloud-native data platforms, pipelines, and analytics architectures.
• Automate cloud provisioning with Terraform/ARM/Bicep; ensure consistent, FedRAMP-compliant environments.
• Implement RBAC, least‑privilege, encryption, and NIST‑aligned security controls.
• Drive FinOps optimization and guide engineering teams on cloud best practices.
• Enhance the security and administration of Spectrum IT systems operations.
• Migrate and modernize with config-level changes.
• Push toward Platform as a Service (PaaS) and cloud-native where possible.
• Replatform if the application can leverage PaaS.
• Rehost using AWS/Azure Infrastructure-as-a-Service (IaaS) if the application can’t leverage PaaS.
• Use Microsoft Cloud Adoption Framework (CAF) and the Azure Well-Architected Framework.
• Leverage the NTIA FSDS IL5 tenant based on the single tenant architect
• Demonstrated ability to enforce STIGs/SRGs, remediate ACAS/Nessus findings, and produce RMF/ATO documentation.
• Proficiency with cloud‑native monitoring/logging (e.g., CloudWatch or platform equivalents), securing service meshes, and IaC security baselines.
• Experience with Agile/Lean delivery; effective communicator able to brief senior business and government stakeholders.
• U.S. citizen; able to obtain Secret clearance and USAF CAC; pass government background checks and fingerprinting.

Nice To Haves

• Experience with 5G integration and enterprise Wi‑Fi architectures.
• DoDM 8140.03‑aligned cyber workforce qualification or willingness to obtain
• Familiarity with AETC/USAF operational environments; prior support to USAREUR‑AF or other DoD organizations is a plus.
• Experience with SAFe practices, Jira/Confluence, and ServiceNow in DoD environments.
• AWS Certified Cloud Architect

Responsibilities

• Architect end‑to‑end cloud‑native, software‑defined solutions that meet AETC’s performance, scalability, and user‑experience objectives; lead the enterprise evolution to Zero‑Trust architectures.
• Design and implement secure hybrid environments (public cloud + on‑prem), including cloud networking, segmentation, service‑to‑service security, and federation models.
• Engineer Identity and Access Management (IAM) with role‑based access controls (RBAC), least privilege, and single‑/multi‑domain federation.
• Secure Kubernetes platforms and container runtimes (network segmentation, RBAC, workload isolation) and guide standards for virtualized environments.
• Develop Infrastructure‑as‑Code (IaC) security baselines to enable repeatable, compliant deployments.
• Lead technical options, costed alternatives, and future‑state roadmaps aligned to mission priorities and budget.
• Implement RMF‑aligned controls; produce/maintain ATO artifacts; support continuous monitoring strategy and control assessments with ISSM/ISSO/SCV.
• Enforce DISA STIG/SRG configurations across Linux/Windows systems, cloud services, VMs, and Kubernetes clusters; maintain timely patching and flaw remediation.
• Enable ACAS/Nessus vulnerability scanning, report results, remediate findings, and sustain POA&Ms in coordination with Government cybersecurity leads.
• Implement web content filtering and traffic prioritization consistent with DoD/USAF policy and AWAKEN rules of behavior.
• Map technical controls to NIST SP 800‑53, DISA STIGs, and (as applicable) CMMC requirements; maintain secure logging, audit trails, and evidence packages.
• Support incident response in cloud environments (log analysis, containment, recovery) and contribute to the Government’s cyber incident reporting processes.
• Operate in a pre‑deployment test/lab environment, perform MBSE‑driven validation, and deliver successful test results prior to production rollout.
• Troubleshoot complex enterprise connectivity issues impacting performance or user experience; provide Tier‑3 engineering guidance to operations teams.
• Optimize network and cloud configurations for resilience, availability, latency, jitter, and QoS in line with AWAKEN KPIs/SLAs.
• Engage the COR and AWAKEN Government Technical Leads as a trusted advisor; communicate clearly across diverse technical backgrounds.
• Partner with the Program Manager, providing status, recommendations, and technical insight; contribute to PMRs and enterprise planning.
• Support Configuration Control Boards (CCBs) by proposing changes, documenting artifacts, and sustaining the enterprise baseline.

Benefits

• Comprehensive benefits and wellness packages
• 401K with company match
• Competitive pay
• Paid time off
• Full flex work weeks
• Variety of medical plan options
• Health Savings Accounts
• Dental plan options
• Vision plan
• 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match.
• Variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.
• Short and long-term disability benefits
• Life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance