Senior Cloud Engineer Architect (AWS)

Overview
This role supports the design of a modernized and upgraded set of capabilities for DTRA, focusing on secure, scalable, and compliant cloud architectures that enable mission success within complex defense environments. The Senior Cloud Engineer Architect (AWS) will be responsible for defining technical requirements, conducting feasibility studies, leading pilot projects, and troubleshooting infrastructure issues. The position requires a deep expertise in AWS cloud architecture, identity and access management, and multi-cloud interoperability, with a proven ability to operate within DoD-accredited cloud environments.

Education & Certification Requirements
A bachelor’s degree is preferred, but extensive relevant experience can be considered in lieu of formal education. Required certifications include an active AWS Certified Solutions Architect – Associate, DoD Top Secret/SCI clearance, and DoD 8570 IAT Level II certification.

Clearance Requirements
Top Secret SCI

Onsite Requirements
This role is an on-site position located at Ft Belvoir with no remote work flexibility.

Responsibilities

• Design, implement, and secure AWS cloud solutions aligned with DoD mission objectives and cybersecurity standards.
• Lead configuration, deployment, and management of AWS Identity Center for centralized access management.
• Architect federated identity and SSO integrations with Microsoft Entra ID, Okta, or PingFederate.
• Develop and enforce IAM governance frameworks, RBAC, and SCPs consistent with DoD zero-trust principles.
• Secure connectivity across AWS and on-premises systems to support multi-cloud environments.
• Collaborate with cybersecurity teams to ensure compliance with DISA STIGs, NIST 800-53, FedRAMP High, and DoD Cloud Computing SRG.
• Utilize IaC tools such as Terraform and CloudFormation for automated provisioning.
• Support architectural planning for zero-trust, hybrid connectivity, and cross-domain solutions.
• Maintain comprehensive documentation of architecture, access models, and compliance mappings.
• Stay current with AWS and multi-cloud innovations relevant to DoD and federal systems.

Qualifications

• At least 10 years of relevant experience in cloud architecture, with a focus on AWS.
• Proven experience in designing and implementing AWS solutions in enterprise or government settings.
• Expertise with AWS IAM, AWS Identity Center, and AWS Organizations / Control Tower.
• Strong knowledge of federated identity, SAML/OIDC, and cross-cloud authentication mechanisms.
• Familiarity with DoD cybersecurity frameworks including DISA STIGs, NIST 800-53, and FedRAMP.
• Hands-on experience with IaC tools such as Terraform and CloudFormation.
• Excellent communication skills, capable of briefing leadership and stakeholders.
• Ability to troubleshoot complex issues collaboratively within a team.

Desired Skills

• Experience with Zero Trust Architecture deployment in DoD or federal programs.
• Knowledge of AWS GovCloud (US) and Azure Government environments.
• Familiarity with Kubernetes (EKS/AKS) and container security in classified networks.
• Advanced security certifications such as CISSP, CCSP, or AWS Advanced Security Specialty.
• Prior experience supporting DoD or Intelligence Community programs.
• Demonstrated technical leadership within engineering teams.