Cloud Solutions Architect
Chantilly, VA.
Position Summary{{{{:}
}}}The Sponsor requires cloud engineering support to help design and build the new cloud enclave, perform Operations and Maintenance (O&M) tasks, evolve and enhance the cloud architectu
re.Job Description{{{
{:}}}}The Sponsor plans to build a new secure cloud-based enclave and migrate off of legacy on-premises infrastructure. The Sponsor requires cloud engineering support to help design and build the new cloud enclave, perform Operations and Maintenance (O&M) tasks, evolve and enhance the cloud architecture once the build out and migration is complete, help continuously identify and mitigate system and data risks and achieve and maintain Assessment & Authorization (A&A) compl
iance.The Cloud Solutions Architect will set up, configure, update and maintain the Sponsor's AWS cloud-based enclave, in all environments including PRODUCTION and work in close coordination with the cloud vendor's Professional Services as the cloud-based enclave is initially designed and stood up. They will take the lead, in coordination with the Sponsor, in implementing the new cloud-based enclave architecture as well as moving mission data into the cloud for the migration from the legacy (Windows-based) on-premises enclave. They will reach out to partners for technical details and solutions related to system implementation and security and execute cloud engineering tasks to support the Sponsor's information technology enterprise, as well as related tasks such as documentation, knowledge transfer, configuration management, systems security-related tasks and planning activities. The Cloud Solutions Architect will provide technical support and assist in the timely resolution of technical issues related to the Sponsor's cloud environment and systems; support system requirements gathering and refinement as directed by the Sponsor, and provide technical expertise on cloud computing techniques and technologies; and coordinate with and participate in meetings with internal and external teams and partners. They will monitor current, and estimate future cloud-related costs and provide recommendations to the Sponsor for cost-optimization strategies and provide input and recommendations to Sponsor staff and coordinate with the Information System Security Manager (ISSM) staff as necessary to help achieve and maintain ATO for the Sponsor's cloud enclave. They will provide support for application deployments, fixes and configuration changes in the cloud environment; plan and implement backup and Disaster Recovery (DR) solutions in accordance with Sponsor's requirements; evaluate cloud strategy and architecture and provide recommendations and roadmaps for changes to improve security, reduce cost, and streamline operations to the Sponsor; and select appropriate cloud services to design and deploy applications based on given requirements. The Cloud Solutions Architect will create functional design specifications, architectures, and render support to other cloud project deliverables; design, build and maintain high availability cloud-based IT systems; and use Infrastructure-as-Code principles and automation within cloud environments to reduce the risk of errors, streamline operations and facilitate repeatability. They will keep the Sponsor informed of security, data integrity or technical risks, work off-hours on occasion to support deployments, fixes or operations (happens rarely); identify, analyze, and resolve infrastructure vulnerabilities and application deployment issues; and perform O&M tasks related to Sponsors enclave. They will also perform cloud activities including but not limited to; Create and configure virtual private clouds (VPCs), Create EC2 instances, Create RDS instances, Create and secure AMIs that meet security requirements, Create, manage, and test Lifecycle policies for backup and DR purposes, Create public and private subnets, Create auto scaling groups, Configure load balancers, Configure security groups, Create users and groups in cloud environments, Integration with external ser
vices.Requir
ements(Mandatory) Demonstrated experience including knowledge of Best Practices for implementing the security services provided by Amazon AWS (such as Identity Management, Secure Tokens, Cloud Watch and Cloud Monito
ring).(Mandatory) Demonstrated experience with knowledge of security constraints and required protections for enclave accreditation in an AWS
cloud.(Mandatory) Demonstrated experience making virtual machine configuration changes necessary to resolve trouble tickets or to comply with security requirements and IT best prac
tices.(Mandatory) Demonstrated experience, within the last two (2) years, setting up and maintaining an AWS-cloud base
d VPC.(Mandatory) Demonstrated experience deploying and maintaining Windows environments i
n AWS.(Mandatory) Demonstrated experience, within the last six (6) months, managing MS Product
Suite.(Mandatory) Demonstrated experience, within the last six (6) months, managing M
S SQL.(Mandatory) Demonstrated experience, within the last six (6) months, managing MS Server 2012/2016/2019
/2022.(Mandatory) Demonstrated experience, within the last six (6) months, deploying and managing log aggregation systems, such as S
plunk.(Mandatory) Demonstrated experience, within the last six (6) months, maintaining system accredit
ation.(Desired) Demonstrated experience with knowledge of security constraints and required protections for enclave accreditation in an AWS cloud in the Sponsor's enviro
nment.(Desired) Demonstrated experience transitioning an on-premises enclave solution to a virtual private cloud
(VPC).(Desired) Demonstrated experience making application software and operating system configuration changes necessary to resolve trouble tickets or to comply with Sponsor requirements and IT best prac
tices.(Desired) Demonstrated Experience Evaluating And Mitigating Software Security Vulnerabil
ities.(Desired) Demonstrated experience with continuous monitoring from a security perspe
ctive.(Desired) Demonstrated experience obtaining Certification and Accreditation within the Sponsor's enviro
nment.(Desired) Demonstrated experience with the Sponsor's unique IT infrastructure and ongoing pro
jects.(Desired) Demonstrated experience executing O&M tasks as necessary to support the Sponsor's software and hardware infrastru
cture.Demonstrated experience understanding and implementing Multi Factor Authentication (MFA) wit
h AWS.(Desired) Demonstrated experiencing managing Windows services and devices. This experience should be related to managing a Windows based enterprise, such as maintaining Server ISOs and related AMIs, COTS updates, managing domain forests and group policy objects, user role-based authentication in active dire
ctory.(Desired) Demonstrated experience managing LDAP authentication with COTS applications, load balancing and gateway services related to remote desktop service deploy
ments.(Desired) Demonstrated experience with troubleshooting errors utilizing Event Viewer and Splunk lo
gging.Be
- nefits Vacation - 5 weeks of accrued paid vacation per year (i.e., 8.33 hours accrued per pay period w
- orked) Holidays - Paid holidays published annually by the Office of Personnel Management, excluding Inaugurati
- on Day 100% paid for Health Benefits* (United Healthcare, Guardian Dental, VSP Vision, MetLife, Life and Disability Insurance and annual $1500 employer HSA contribution on qualified plans) *health benefits kick in the 1st of the month following your star
- t date 6% 401k Contribution (3% paid out during each pay period, the additional 3% will be paid out as a lump sum in Q1 each
- year) Training Reimbursement - Approved training and education expenses will be reim
bursed
