Apply on Employer Site

SAIC · 1 day ago

Cloud Engineer

Washington, DC

Full-time

Onsite

Mid, Senior Level

$120K/yr - $160K/yr

7+ years exp

SAIC is a company focused on providing technology solutions and services. The Application Vulnerability Assessment Program (AVAP) Engineer is responsible for operating and securing application security platforms within Azure Kubernetes Service, managing infrastructure, and ensuring compliance with federal standards.

Information TechnologySecurityService IndustrySoftware

Work & Life Balance

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Design, deploy, and maintain secure, scalable, and resilient cloud infrastructure in Azure such as Azure Key Vault, Azure SQL Server, Azure SQL DB, Azure Kubernetes Service (AKS), etc

Operate and administer Kubernetes clusters (AKS) including node pools, networking, persistent volumes, ingress controllers, secrets management, access control, namespaces, etc

Manage container image lifecycle and updates by pull hardened images (i.e., Iron Bank), scan for vulnerabilities, enforce least-privilege configurations, and publish to ACR

Perform regular server administration tasks including patching, user provisioning, system monitoring, and backup/restoration

Automate deployments of infrastructure and applications using Azure DevOps or equivalent CI/CD pipelines with ARM/Bicep/Terraform and Helm

Implement and enforce security/compliance controls aligned to NIST SP 800-53 and Zero Trust (i.e., key vault integration, secret management, TLS cert rotation)

Develop and maintain operational runbooks, playbooks, SOPs, and system/network architecture diagrams to ensure repeatability and continuous system documentation

Troubleshoot platform and pipeline issues across application, network, and infrastructure layers to minimize downtime for AVAP customers

Contribute to monitoring and metrics collection (availability, scan throughput, failure rates, license utilization) to support program-level reporting

Qualification

AzureKubernetes administrationInfrastructure-as-CodeCI/CD pipelinesSystem administrationTroubleshooting skillsGovernment compliance frameworksApplication security toolsSingle sign-on implementationsTechnical writing

Required

Bachelor's degree in Computer Science, Information Technology, or related field and 9+ years experience; Masters and 7+ years; may accept additional experience in lieu of degree

3+ years of hands-on experience in system administration and DevOps engineering supporting containerized platforms/Kubernetes

Hands-on experience with Kubernetes administration (AKS), Helm, and containerization (Docker)

Experience with system administration pertaining to SQL servers/databases, backup/restore, patching, etc

Experience with Infrastructure-as-Code (ARM/Bicep, Terraform, Helm) and CI/CD pipelines (Azure DevOps)

Demonstrated experience with Terraform, Bicep, and/or ARM for infrastructure automation and immutability

Strong troubleshooting skills across networking, compute, and application layers

Understanding of single sign-on implementations using SAML/OIDC (management of users/groups in Okta) as well as SCIM for automatic user provisioning

Excellent technical writing and documentation skills

Ability to work within government compliance frameworks (FedRAMP, NIST, FISMA, Zero Trust)

US Citizenship

Active Secret with the ability to obtain a Top Secret

Preferred

Demonstrated expertise with Azure (preferred) and familiarity with AWS and GCP cloud services

Familiarity with application security tools is a plus (OpenText Fortify Software Security Center, License and Infrastructure Management, OWASP Dependency Track, etc.)