Senior Cloud Engineer

About The Position

Requirements

• Deep AWS expertise (primary); working Azure proficiency. Fluent with the AWS API and CLI.
• IaC framework ownership using Terraform and Ansible; Git and GitHub required.
• CI/CD design experience (GitHub Actions, Azure DevOps, or equivalent).
• AI/ML infrastructure: AWS SageMaker, EC2 GPU, S3 data pipelines; Azure ML or Azure OpenAI Service.
• Federated identity: Okta, Keycloak, and/or Microsoft Entra ID; SSO, SAML, OAuth 2.0, OIDC.
• Cloud security: IAM design, NIST SP 800-171, CSPM tooling, secrets management.
• Docker and Kubernetes; highly available service deployment including ELK stack.
• Windows and Linux system administration.
• Scripting proficiency in Python, Bash, or PowerShell.
• Strong problem-solving and communication skills; effective independently and in a small team.
• Demonstrated mentorship ability and experience leading IS projects.
• U.S. Citizenship or the ability to obtain a U.S. Security Clearance is required.
• Bachelor’s degree in Computer Science, Information Technology, or a related field, or equivalent. Equivalent combinations of education and experience will be considered.
• Bachelor’s Degree plus 3+ years of relevant cloud engineering experience, including 3+ years hands-on in AWS.

Nice To Haves

• Azure experience is a strong plus.
• AWS certifications strongly preferred (Solutions Architect, SysOps, or equivalent).
• Terraform Associate, CKA/CKAD, Okta Certified Administrator, and AWS ML Specialty or Azure AI Engineer Associate are all a plus.

Responsibilities

• Create, maintain, and secure cloud resources across AWS and Azure. Advise on and implement cloud best practices across compute, storage, networking, and managed services. Support physical and virtual Windows and Linux systems where applicable.
• Architect and maintain IaC frameworks using Terraform and Ansible. Define module standards, enforce code review practices, and drive GitOps adoption using Git and GitHub.
• Design and optimize CI/CD pipelines (GitHub Actions, Azure DevOps). Serve as the IS technical lead in the DevOps partnership with Platform and Development teams.
• Deploy, secure, and maintain cloud infrastructure supporting AI/ML workloads on AWS (SageMaker, EC2) and Azure (Azure ML, Azure OpenAI Service). Own the compute, storage, networking, and access controls these workloads require, in coordination with Platform and Development teams who own the models.
• Own and administer Aptima’s federated identity architecture. Configure and maintain Okta, Keycloak, and Microsoft Entra ID; implement SSO, SAML, OAuth 2.0, and OIDC integrations across cloud and on-premises systems. Enforce least privilege and zero-trust identity principles aligned with NIST requirements.
• Administer cloud environments in alignment with NIST SP 800-171 for CUI environments. Lead security reviews, manage IAM governance, and remediate vulnerability assessment findings.
• Deploy and operate highly available services and databases. Administer containerized environments using Docker and Kubernetes.
• Use the AWS API and CLI for automation, scripting, and environment management. Build tooling that reduces manual toil and improves operational consistency.
• Own cloud cost governance including tagging standards, budget alerting, and rightsizing. Maintain observability frameworks covering log aggregation, distributed tracing, and alerting.
• Mentor through code reviews and architecture walkthroughs. Advise IS staff and management within your area of expertise; lead IS projects and provide training as needed.