Posted today
Unspecified
Entry Level (less than 2 yrs experience)
$110,000 - $125,000
No Traveling
IT - Networking
Arlington, VA (On-Site/Office)
We are seeking a technically proficient Cloud Engineer with experience deploying and managing environments within AWS GovCloud to support workloads that handle Controlled Unclassified Information (CUI). This role will be responsible for designing, configuring, and maintaining secure cloud infrastructure that meets federal security and compliance requirements, including frameworks such as NIST SP 800-171, CMMC, and FedRAMP-aligned controls.
The ideal candidate understands both the technical architecture of AWS GovCloud and the compliance obligations required to store, process, and transmit CUI. This individual will establish secure baseline configurations, implement identity and access controls, and develop basic cloud-native applications and services to support internal systems.
Key Responsibilities
AWS GovCloud Environment Architecture
Design, deploy, and manage secure environments in AWS GovCloud for workloads containing CUI.
Establish foundational cloud infrastructure including VPCs, networking, IAM policies, logging, monitoring, and encryption services.
Configure secure connectivity between GovCloud and on-premises or other cloud environments when required.
Security and Compliance Implementation
Implement technical controls aligned with NIST SP 800-171 and CMMC requirements.
Configure and maintain security services including AWS KMS, CloudTrail, GuardDuty, Config, Security Hub, and IAM.
Ensure proper data protection, encryption at rest and in transit, access controls, and audit logging for all CUI workloads.
Assist with internal compliance documentation and evidence required for CMMC readiness or audits.
Application Development and Deployment
Develop and deploy basic cloud-native applications and services within AWS GovCloud.
Support containerized or serverless architectures using tools such as Lambda, API Gateway, ECS/EKS, or similar services.
Build and maintain secure CI/CD pipelines for application deployment.
Infrastructure Automation
Use Infrastructure-as-Code tools (e.g., Terraform, CloudFormation, or similar) to standardize and automate secure environment deployment.
Maintain repeatable and auditable infrastructure configuration.
Monitoring and Operations
Monitor system performance, security alerts, and compliance status across cloud resources.
Implement logging, alerting, and incident response procedures for cloud environments handling CUI.
Maintain system documentation including architecture diagrams, configuration standards, and operational runbooks.
Required Qualifications
2–5 years experience working with AWS cloud infrastructure.
Direct experience deploying or managing environments in AWS GovCloud.
Familiarity with CUI handling requirements and federal cybersecurity frameworks, including:
NIST SP 800-171
CMMC
FedRAMP security principles
Experience configuring core AWS services including:
IAM and access control
VPC networking and security groups
CloudTrail, CloudWatch, and logging
KMS encryption and key management
Ability to deploy and support basic applications in AWS, including serverless or containerized workloads.
Understanding of secure system architecture and least-privilege access models.
Preferred Qualifications
AWS certifications such as:
AWS Solutions Architect
AWS Security Specialty
Experience preparing environments for CMMC assessments or NIST 800-171 compliance.
Experience with DevSecOps pipelines and automated security scanning.
Familiarity with DoD contractor environments and handling of CUI.
Key Competencies
Strong understanding of cloud security architecture
Ability to translate regulatory compliance requirements into technical controls
Experience building secure, auditable infrastructure
Clear documentation and communication skills
The ideal candidate understands both the technical architecture of AWS GovCloud and the compliance obligations required to store, process, and transmit CUI. This individual will establish secure baseline configurations, implement identity and access controls, and develop basic cloud-native applications and services to support internal systems.
Key Responsibilities
AWS GovCloud Environment Architecture
Design, deploy, and manage secure environments in AWS GovCloud for workloads containing CUI.
Establish foundational cloud infrastructure including VPCs, networking, IAM policies, logging, monitoring, and encryption services.
Configure secure connectivity between GovCloud and on-premises or other cloud environments when required.
Security and Compliance Implementation
Implement technical controls aligned with NIST SP 800-171 and CMMC requirements.
Configure and maintain security services including AWS KMS, CloudTrail, GuardDuty, Config, Security Hub, and IAM.
Ensure proper data protection, encryption at rest and in transit, access controls, and audit logging for all CUI workloads.
Assist with internal compliance documentation and evidence required for CMMC readiness or audits.
Application Development and Deployment
Develop and deploy basic cloud-native applications and services within AWS GovCloud.
Support containerized or serverless architectures using tools such as Lambda, API Gateway, ECS/EKS, or similar services.
Build and maintain secure CI/CD pipelines for application deployment.
Infrastructure Automation
Use Infrastructure-as-Code tools (e.g., Terraform, CloudFormation, or similar) to standardize and automate secure environment deployment.
Maintain repeatable and auditable infrastructure configuration.
Monitoring and Operations
Monitor system performance, security alerts, and compliance status across cloud resources.
Implement logging, alerting, and incident response procedures for cloud environments handling CUI.
Maintain system documentation including architecture diagrams, configuration standards, and operational runbooks.
Required Qualifications
2–5 years experience working with AWS cloud infrastructure.
Direct experience deploying or managing environments in AWS GovCloud.
Familiarity with CUI handling requirements and federal cybersecurity frameworks, including:
NIST SP 800-171
CMMC
FedRAMP security principles
Experience configuring core AWS services including:
IAM and access control
VPC networking and security groups
CloudTrail, CloudWatch, and logging
KMS encryption and key management
Ability to deploy and support basic applications in AWS, including serverless or containerized workloads.
Understanding of secure system architecture and least-privilege access models.
Preferred Qualifications
AWS certifications such as:
AWS Solutions Architect
AWS Security Specialty
Experience preparing environments for CMMC assessments or NIST 800-171 compliance.
Experience with DevSecOps pipelines and automated security scanning.
Familiarity with DoD contractor environments and handling of CUI.
Key Competencies
Strong understanding of cloud security architecture
Ability to translate regulatory compliance requirements into technical controls
Experience building secure, auditable infrastructure
Clear documentation and communication skills
group id: 91102402
