Senior Cloud Engineer with TS/SCI
About The Position
Design, implement, and secure AWS in alignment with DoD mission objectives and cybersecurity standards. Lead configuration, deployment, and management of AWS Identity Center (formerly AWS SSO) to support centralized access management across multiple AWS accounts. Architect and implement federated identity and single sign-on (SSO) integrations with Microsoft Entra ID (Azure AD), Okta, or PingFederate. Develop and enforce IAM governance frameworks, role-based access controls (RBAC), and service control policies (SCPs) consistent with DoD zero-trust principles. Integrate and secure connectivity across AWS and on-premises systems, ensuring consistent identity and policy enforcement in multi-cloud environments. Partner with cybersecurity teams to ensure compliance with DISA STIGs, NIST 800-53, FedRAMP High, and DoD Cloud Computing SRG guidelines. Leverage Infrastructure as Code (IaC) tools such as Terraform and CloudFormation for automated provisioning and configuration management. Stay current on AWS and multi-cloud innovations relevant to DoD and federal mission systems.
Requirements
- BS degree and 12+ years of prior relevant experience or a Masters degree with 10+ years of prior relevant experience, additional years of experience may be considered in lieu of a degree.
- 5+ years of experience designing and implementing AWS-based solutions in enterprise or government environments.
- Demonstrated expertise with AWS IAM, AWS Identity Center, and AWS Organizations / Control Tower.
- Strong knowledge of federated identity, SAML/OIDC protocols, and cross-cloud authentication mechanisms.
- Familiarity with DoD cybersecurity frameworks, including DISA STIGs, FedRAMP, and Cloud Computing SRG.
- Hands-on experience with Terraform, CloudFormation, and AWS CLI.
- Must be able to present designs and plans to technical leadership personnel and boards for approvals.
- Active AWS Certified Solutions Architect – Associate certification.
- Active DoD Top Secret clearance with SCI Eligibility.
- DoD 8570 IAT Level II certification.
Responsibilities
- Design, implement, and secure AWS in alignment with DoD mission objectives and cybersecurity standards.
- Lead configuration, deployment, and management of AWS Identity Center (formerly AWS SSO) to support centralized access management across multiple AWS accounts.
- Architect and implement federated identity and single sign-on (SSO) integrations with Microsoft Entra ID (Azure AD), Okta, or PingFederate.
- Develop and enforce IAM governance frameworks, role-based access controls (RBAC), and service control policies (SCPs) consistent with DoD zero-trust principles.
- Integrate and secure connectivity across AWS and on-premises systems, ensuring consistent identity and policy enforcement in multi-cloud environments.
- Partner with cybersecurity teams to ensure compliance with DISA STIGs, NIST 800-53, FedRAMP High, and DoD Cloud Computing SRG guidelines.
- Leverage Infrastructure as Code (IaC) tools such as Terraform and CloudFormation for automated provisioning and configuration management.
- Stay current on AWS and multi-cloud innovations relevant to DoD and federal mission systems.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Number of Employees
51-100 employees
