Remotery

Senior Cloud Infrastructure Engineer

Posted 8 hours ago

This is a fully remote position, open to applicants in United States.

📋 Description

• Assist in designing and maintaining landing zones utilizing cloud applications such as AWS Organizations, Control Tower, SCP guardrails, Identity and Access Management (IAM) multi-account patterns, and VPC architectures (Transit Gateway, PrivateLink, NAT, IGW) to meet enclave isolation and cross-domain requirements.

• Develop high-availability, multi-Region solutions by leveraging cloud services including EC2, EKS/ECS Fargate, RDS/Aurora, DynamoDB, S3/EFS/FSx, Load Balancers, Route 53, and API Gateway.

• Adopt Zero Trust-aligned patterns (micro-segmentation, strong identity, continuous verification) in accordance with DoD Zero Trust guidelines.

• Implement security measures and evidence generation for RMF ATO packages (SSP, SAR, POA&M) in collaboration with cybersecurity teams.

• Apply DISA STIGs (OS, DB, Kubernetes, Container) and SRG requirements for workloads ranging from IL2 to IL6.

• Customize and automate STIG application using Infrastructure as Code (IaC) and configuration management.

• Integrate encryption and key management with cloud tools such as AWS KMS/HSM; enforce IAM least privilege, SCPs, permission boundaries, ABAC, and effective secrets management.

• Implement cloud logging and metric tools such as CloudTrail, CloudWatch, GuardDuty, and Config for thorough auditing and detection.

• Ensure architectures comply with FedRAMP Moderate/High baselines when necessary and maintain boundary compliance for controlled workloads.

• Establish secure connectivity (AWS Direct Connect/VPN), hybrid routing, and segmentation; implement TLS mutual authentication, certificate management, and private service endpoints.

• Design logging and telemetry pipelines (CloudWatch, OpenTelemetry, Kinesis, S3, SIEM integration such as Splunk/ELK) with retention, metadata/tagging, and data lifecycle policies.

• Take ownership of SLOs/SLAs for platform services.

• Implement autoscaling, health checks, and proactive capacity management.

• Drive cost management and alerting practices within cloud environments in collaboration with project leads.

• Provide Tier 3 support, participate in on-call rotations during exercises, and coordinate incident response with cybersecurity and training operations.

• Work with agile teams and product owners to convert training requirements into platform capabilities.

• Mentor junior engineers.

• Establish standards, conduct design reviews, and create repeatable processes.

• Present cloud solutions to project leadership and accreditation authorities.


⛳️ Requirements

• Bachelor’s degree in a relevant technical field such as computer science or information technology from an accredited institution.

• 8–12+ years of experience in cloud/platform engineering with a minimum of 5 years focused on Amazon Web Services (AWS), demonstrating leadership in delivering secure, scalable, production-grade cloud-based systems.

• Compliance with DoD 8570/8140: IAT II (Security+) required; IAT III/CISSP or CASP+ preferred.

• AWS Certifications: Certified Solutions Architect – Professional, Security – Specialty, and/or DevOps Engineer – Professional.

• Kubernetes certifications: CKA/CKS.

• Experience with HashiCorp Vault, Service Mesh (Istio), policy-as-code (OPA), and zero trust implementations in government settings.

• Mastery of Infrastructure-as-Code (Terraform and/or CloudFormation), pipelines (GitLab/Jenkins), and configuration management (Ansible/Chef).

• Extensive AWS tool expertise: Organizations/Control Tower, IAM, Bedrock, KMS/HSM, VPC/Transit Gateway, Direct Connect/VPN, EC2/EKS/ECS, RDS/Aurora, DynamoDB, S3/EFS/FSx, ELB/API Gateway/Lambda, CloudTrail/CloudWatch/Config/GuardDuty, Route 53, EventBridge/SQS/SNS.

• Familiarity with RMF accreditation (SSP, POA&M, Continuous Monitoring) and control implementation in line with NIST SP 800-53 Rev. 5.

• Practical application of DISA STIGs and DoD Cloud Computing SRG for IL2–IL6 workloads.

• Strong understanding of GovCloud (US) patterns and boundary controls.

• Solid knowledge of networking fundamentals: TCP/IP, DNS, TLS/PKI, routing, micro-segmentation, and Zero Trust patterns.

• Experience in logging/monitoring design and SIEM integration.

• Proficient in incident response and troubleshooting across application, infrastructure, and network layers.

• Excellent communication, documentation, stakeholder engagement skills, and the capacity to lead cross-functional initiatives.


🏝️ Benefits

• Medical, Dental & Vision Coverage

• Wellness Program

• 401(k) Matching

• Disability (Short Term & Long Term)

• Employee Assistance Program

• Life Insurance

• Education & Training

• Generous Leave Policy (11 Federal Holidays, PTO, Military Leave, Bereavement and Jury Duty)

People also viewed

Nitka8 hours ago

Infrastructure & Platforms Engineer

US flagUnited States OnlyFull-timeInfrastructure Engineer
ApplyView job
Brain Corp8 hours ago

Software Engineer II, AI Apps, Cloud Infrastructure

US flagCalifornia OnlyFull-timeInfrastructure Engineer$130k/year
ApplyView job
BlackSky8 hours ago

Senior Infrastructure Engineer

US flagVirginia OnlyFull-timeInfrastructure Engineer$135k – $150k/year
ApplyView job
Moen8 hours ago

Lead Infrastructure Engineer

US flagIllinois OnlyFull-timeInfrastructure Engineer$105k – $165k/year
ApplyView job
Recurrent Energy9 hours ago

IT Cyber Security Architect, Plant Infrastructure

US flagCalifornia, +1 more stateFull-timeInfrastructure Engineer
ApplyView job
decircle10 hours ago

Senior Infrastructure Engineer

CA flagCanada OnlyFull-timeInfrastructure Engineer
ApplyView job

Never miss a great job!

Get handpicked remote jobs straight to your inbox weekly.

Trusted by 7,400+ designers