← all jobs

[Remote] Senior Cloud Infrastructure Engineer

Work from home Full-time role Hiring

Note: The job is a remote job and is open to candidates in USA. By Light Professional IT Services LLC is a company that supports defense, civilian, and commercial IT customers worldwide. They are seeking a highly qualified Senior Cloud Infrastructure Engineer to lead the implementation, security, and operations of mission-critical cloud environments that power DoD cyber training capabilities and applications.

Responsibilities

  • Support the design and maintain landing zones using cloud applications such as AWS Organizations, Control Tower, SCP guardrails, Identity and Access Management (IAM) multi-account patterns, and VPC architectures (Transit Gateway, PrivateLink, NAT, IGW) for enclave isolation and cross-domain needs
  • Engineer high-availability, multi-Region solutions leveraging cloud tools such as EC2, EKS/ECS Fargate, RDS/Aurora, DynamoDB, S3/EFS/FSx, Load Balancers, Route 53, and API Gateway
  • Implement Zero Trust-aligned patterns (micro-segmentation, strong identity, continuous verification) consistent with DoD Zero Trust guidance
  • Implement security controls and evidence generation for RMF ATO packages (SSP, SAR, POA&M) in coordination with cybersecurity teams
  • Apply DISA STIGs (OS, DB, Kubernetes, Container) and SRG requirements for workloads at IL2–IL6
  • Tailor and automate STIG application using IaC and configuration management
  • Integrate encryption and key management with cloud tools such as AWS KMS/HSM; enforce IAM least privilege, SCPs, permission boundaries, ABAC, and robust secrets management
  • Implement cloud logging and metrics tools such as CloudTrail/CloudWatch/GuardDuty/Config for comprehensive audit and detection
  • Align architectures with FedRAMP Moderate/High baselines when required and ensure boundary compliance for controlled workloads
  • Develop secure connectivity (AWS Direct Connect/VPN), hybrid routing, and segmentation; implement TLS mutual auth, certificate management, and private service endpoints
  • Design logging and telemetry pipelines (CloudWatch, OpenTelemetry, Kinesis, S3, SIEM integration such as Splunk/ELK) with retention, metadata/tagging, and data lifecycle policies
  • Own SLOs/SLAs for platform services
  • Implement autoscaling, health checks, and proactive capacity management
  • Lead cost management and alerting practices of cloud environments in coordination with project leads
  • Provide Tier 3 support, on-call rotations during exercises, and incident response coordination with cybersecurity and training operations
  • Collaborate with agile teams and product owners to translate training requirements into platform capabilities
  • Provide mentorship for junior engineers
  • Establish standards, design reviews, and repeatable processes
  • Present cloud solutions to project leadership and accreditation authorities

Skills

  • Bachelor's degree in a related technical discipline such as computer science or information technology from an accredited college or university
  • 8–12+ years of experience in cloud/platform engineering with at least 5 years focused on Amazon Web Services (AWS) with a demonstrated leadership delivering secure, scalable, production-grade cloud-based systems
  • DoD 8570/8140 compliance: IAT II (Security+) required; IAT III/CISSP or CASP+ preferred
  • Infrastructure-as-code mastery (Terraform and/or CloudFormation), pipelines (GitLab/Jenkins), and configuration management (Ansible/Chef)
  • Deep AWS tool expertise: Organizations/Control Tower, IAM, Bedrock, KMS/HSM, VPC/Transit Gateway, Direct Connect/VPN, EC2/EKS/ECS, RDS/Aurora, DynamoDB, S3/EFS/FSx, ELB/API Gateway/Lambda, CloudTrail/CloudWatch/Config/GuardDuty, Route 53, EventBridge/SQS/SNS
  • Understanding of RMF accreditation (SSP, POA&M, Continuous Monitoring) and control implementation under NIST SP 800-53 Rev. 5
  • Hands-on application of DISA STIGs and DoD Cloud Computing SRG for IL2–IL6 workloads
  • Strong understanding of GovCloud (US) patterns and boundary controls
  • Strong knowledge of networking fundamentals: TCP/IP, DNS, TLS/PKI, routing, micro-segmentation, Zero Trust patterns
  • Logging/monitoring design and SIEM integration
  • Incident response and troubleshooting across app, infra, and network layers
  • Excellent communication, documentation, stakeholder engagement skills, and the ability to lead cross-functional initiatives
  • Active DoD Secret clearance preferred; If not already cleared, candidate will be required to obtain and maintain a Top Secret/SCI clearance as a condition of employment
  • AWS Certifications: Certified Solutions Architect – Professional, Security – Specialty, and/or DevOps Engineer – Professional
  • Kubernetes certifications: CKA/CKS
  • Experience with HashiCorp Vault, Service Mesh (Istio), policy-as-code (OPA), and zero trust implementations in government environments

Benefits

  • Medical, Dental & Vision Coverage
  • Wellness Program
  • 401(k) Matching
  • Disability (Short Term & Long Term)
  • Employee Assistance Program
  • Life Insurance
  • Education & Training
  • Generous Leave Policy (11 Federal Holidays, PTO, Military Leave, Bereavement and Jury Duty)

Company Overview

  • BY LIGHT Professional IT Services is a provider of IT, cloud, cyber and infrastructure solutions to the US Federal Government. It was founded in 2002, and is headquartered in Arlington, Virginia, USA, with a workforce of 1001-5000 employees. Its website is http://www.bylight.com.
  • More open positions

    [Remote] Tax & Payroll Operations Lead

    Work from home Full-time role

    [Remote] Payroll Services Consultant

    Work from home Full-time role

    [Remote] Senior Software Engineer, Full Stack

    Work from home Full-time role

    [Remote] Regional Marketing Manager

    Work from home Full-time role

    [Remote] Field Marketing Manager (Eastern Time Zone) - Remote, USA

    Work from home Full-time role

    [Remote] Water/Wastewater Senior Project Engineer

    Work from home Full-time role

    Amgen Senior Associate – Regulatory Affairs (US-Remote) in Los Angeles, California

    Work from home Full-time role

    Remote Data Entry Assistant for Teens – No Experience Required – Flexible Hours, Earn‑While‑You‑Learn Opportunity at careerzynith

    Work from home Full-time role

    [Remote] Edamerica Customer Service Representative-Remote El Paso

    Work from home Full-time role

    Leave and Disability Examiner

    Work from home Full-time role

    [Remote] Data Science Analyst

    Work from home Full-time role

    Technical Sales Specialist - Sample Prep

    Work from home Full-time role

    Entry-Level Remote Data Entry Clerk – Competitive Hourly Rate, Full‑Time/Part‑Time, No Experience Required – Join careerzynith’s Growing Team

    Work from home Full-time role

    [Hiring] Embedded ROI Processor @Datavant

    Work from home Full-time role

    Online Faculty: Retail Store Operations

    Work from home Full-time role

    [Remote] New Business Development Sales Specialist

    Work from home Full-time role

    Local Government Opioid Settlement Liaison

    Work from home Full-time role

    Civil Litigation Attorney (Defense-side!) Remote Hybrid!!!

    Work from home Full-time role

    Grants Finance and Pricing Manager

    Work from home Full-time role

    Credentialing & Privileging Specialist

    Work from home Full-time role

    Junior AI Agent Builder

    Work from home Full-time role