Sr. Cloud Engineer

Itility LLC

11h•Remote

About The Position

We are seeking an experienced and mission-focused Senior Cloud Engineer to support a mission-critical enterprise modernization initiative in direct support of the Department of Defense (DoD). This position is integral to the design, security, and sustainment of AWS GovCloud environments hosting mission-essential systems during the ongoing enterprise transition. The ideal candidate combines deep technical expertise in cloud architecture and network security with a strong understanding of federal compliance frameworks, delivering secure, resilient, and audit-ready cloud operations in a complex, high-stakes environment. This is a remote role with occasional travel, 10%, to client sites or government installations.

Requirements

U.S. Citizenship required.
CISCO CCNP, CCNA, or Palo Alto PCNSE
AWS Certified Solutions Architect – Associate or Professional
CompTIA Security+ CE or equivalent (DoD 8570/8140 IAT II)
Eight (8) years of progressive experience in cloud engineering, with a minimum of five (5) years in cloud network engineering, including at least three (3) years of experience specifically within AWS GovCloud.
Hands-on experience with Palo Alto Networks firewall platforms, including policy management, VPN configuration, and WAF administration in cloud environments.
Demonstrated working knowledge of AWS networking services: VPC, gateways, route tables, Transit Gateway, and IAM.
Strong working knowledge of DISA STIGs and GovCloud compliance requirements, including STIG implementation and whitelisting procedures.
Experience managing VPN tunnels and secure hybrid connectivity between enterprise and cloud environments.
Solid understanding of DoD cloud boundary requirements and GovCloud operational constraints.
Strong documentation and communication skills with demonstrated ability to train and transfer knowledge to non-cloud engineers.

Nice To Haves

Experience supporting DHRA, Army, or other DoD component enterprise IT modernization programs.
Experience integrating cloud infrastructure within NIPRNet environments.
Familiarity with Zero Trust architecture implementation.
Palo Alto certification (PCNSE or equivalent).
Prior experience delivering technical training or knowledge transfer programs to government or contract staff.
Experience supporting enterprise-scale cloud migrations.
Ability to work independently and collaboratively in Agile environments
Bachelor’s degree in Computer Science or related field (or equivalent professional experience)

Responsibilities

Design, architect, and manage AWS infrastructure including gateways, routing configurations, and hybrid connectivity between enterprise and cloud environments.
Configure and manage Palo Alto firewall deployments in AWS, including policy management, traffic inspection, and VPN tunnel management.
Architect and maintain Web Application Firewalls (WAF) to protect mission-facing applications.
Ensure all AWS environments meet DISA and GovCloud compliance requirements, including implementation of applicable STIGs and management of whitelisting procedures.
Execute and maintain DISA STIG compliance across all cloud-hosted infrastructure and configurations.
Manage whitelisting and access control procedures within GovCloud boundary requirements.
Support secure connectivity and interoperability within DoD enterprise boundaries.
Troubleshoot connectivity and routing issues across hybrid cloud environments.
Provide comprehensive, structured training to the Network Team covering cloud networking architecture, Palo Alto firewall operations, VPN management, and AWS operational best practices.
Develop technical documentation, configuration guides, and operational playbooks to support team self-sufficiency.
Lead knowledge-sharing sessions to build durable cloud competency across the enterprise network team.