Job Requirements
Washington, DC
Secret Polygraph not specified
Mid Level Career (5+ yrs experience)
$145,000 - $187,000
Job Description
Title: Landing Zone Accelerator Administrator / Cloud Engineer (AWS GovCloud, IL5) — Secret Clearance
Summary
This is the workhorse seat. You keep the platform healthy, you onboard new workload accounts, and you support the Mission Owner's developer teams when they need to move. The Landing Zone Accelerator is the heart of the environment, and you will be the person who runs it, upgrades it, and fixes it when an engine run fails at 4 p.m. on a Friday.
What you will own
LZA container image upgrades (currently v1.15.3, with regular point releases) and the cadence that keeps them current.
The customer-configurations/configurations/ YAML files that define the environment.
LZA engine runs launched from the lzadeploy account, plus triage when those runs fail.
New workload account onboarding, including Identity Center permission set management, account vending through Service Catalog, and AWS Organizations OU structure.
The LZA customization framework, meaning custom CloudFormation stacks layered on top of the LZA baseline.
Required
Operational experience running Landing Zone Accelerator deployments at IL5 in AWS GovCloud.
Comfort with Identity Center permission set management, account vending via Service Catalog, and AWS Organizations OU structure.
Working knowledge of the LZA customization framework and custom CFN stacks built on the baseline.
The instinct to triage engine failures methodically and keep the platform stable.
Preferred
Prior experience supporting Mission Owner developer teams in a DoD cloud environment.
A track record of maintaining configuration-as-code at scale.
Summary
This is the workhorse seat. You keep the platform healthy, you onboard new workload accounts, and you support the Mission Owner's developer teams when they need to move. The Landing Zone Accelerator is the heart of the environment, and you will be the person who runs it, upgrades it, and fixes it when an engine run fails at 4 p.m. on a Friday.
What you will own
LZA container image upgrades (currently v1.15.3, with regular point releases) and the cadence that keeps them current.
The customer-configurations/configurations/ YAML files that define the environment.
LZA engine runs launched from the lzadeploy account, plus triage when those runs fail.
New workload account onboarding, including Identity Center permission set management, account vending through Service Catalog, and AWS Organizations OU structure.
The LZA customization framework, meaning custom CloudFormation stacks layered on top of the LZA baseline.
Required
Operational experience running Landing Zone Accelerator deployments at IL5 in AWS GovCloud.
Comfort with Identity Center permission set management, account vending via Service Catalog, and AWS Organizations OU structure.
Working knowledge of the LZA customization framework and custom CFN stacks built on the baseline.
The instinct to triage engine failures methodically and keep the platform stable.
Preferred
Prior experience supporting Mission Owner developer teams in a DoD cloud environment.
A track record of maintaining configuration-as-code at scale.
group id: 90970085