Senior Cloud Infrastructure Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

By Light Professional IT Services · 4 hours ago

Senior Cloud Infrastructure Engineer

positionUnited States
timeFull-time
remoteRemote
senioritySenior Level, Lead/Staff
date8+ years exp

By Light Professional IT Services LLC is dedicated to providing technology solutions for federal agencies and warfighters. They are seeking a Senior Cloud Infrastructure Engineer to lead the implementation, security, and operations of critical cloud environments that support DoD cyber training capabilities and applications.

GovernmentInformation ServicesInformation Technology
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Support the design and maintain landing zones using cloud applications such as AWS Organizations, Control Tower, SCP guardrails, Identity and Access Management (IAM) multi-account patterns, and VPC architectures (Transit Gateway, PrivateLink, NAT, IGW) for enclave isolation and cross-domain needs
Engineer high-availability, multi-Region solutions leveraging cloud tools such as EC2, EKS/ECS Fargate, RDS/Aurora, DynamoDB, S3/EFS/FSx, Load Balancers, Route 53, and API Gateway
Implement Zero Trust-aligned patterns (micro-segmentation, strong identity, continuous verification) consistent with DoD Zero Trust guidance
Implement security controls and evidence generation for RMF ATO packages (SSP, SAR, POA&M) in coordination with cybersecurity teams
Apply DISA STIGs (OS, DB, Kubernetes, Container) and SRG requirements for workloads at IL2–IL6
Tailor and automate STIG application using IaC and configuration management
Integrate encryption and key management with cloud tools such as AWS KMS/HSM; enforce IAM least privilege, SCPs, permission boundaries, ABAC, and robust secrets management
Implement cloud logging and metrics tools such as CloudTrail/CloudWatch/GuardDuty/Config for comprehensive audit and detection
Align architectures with FedRAMP Moderate/High baselines when required and ensure boundary compliance for controlled workloads
Develop secure connectivity (AWS Direct Connect/VPN), hybrid routing, and segmentation; implement TLS mutual auth, certificate management, and private service endpoints
Design logging and telemetry pipelines (CloudWatch, OpenTelemetry, Kinesis, S3, SIEM integration such as Splunk/ELK) with retention, metadata/tagging, and data lifecycle policies
Own SLOs/SLAs for platform services
Implement autoscaling, health checks, and proactive capacity management
Lead cost management and alerting practices of cloud environments in coordination with project leads
Provide Tier 3 support, on-call rotations during exercises, and incident response coordination with cybersecurity and training operations
Collaborate with agile teams and product owners to translate training requirements into platform capabilities
Provide mentorship for junior engineers
Establish standards, design reviews, and repeatable processes
Present cloud solutions to project leadership and accreditation authorities

Qualification

Amazon Web Services (AWS)Cloud SecurityInfrastructure as Code (IaC)DoD ComplianceZero Trust ArchitectureCloud Logging ToolsNetworkingConnectivityCost ManagementAgile CollaborationIncident ResponseMentorshipPresentation Skills

Required

8–12+ years of experience in cloud/platform engineering with at least 5 years focused on Amazon Web Services (AWS) with a demonstrated leadership delivering secure, scalable, production-grade cloud-based systems
DoD 8570/8140 compliance: IAT II (Security+) required; IAT III/CISSP or CASP+ preferred
Associate or bachelor's degree in a related technical discipline such as computer science or information technology from an accredited college or university
AWS Certifications: Certified Solutions Architect – Professional, Security – Specialty, and/or DevOps Engineer – Professional
This specific position requires U. S. Citizenship status with ability to obtain a SECRET to TOP SECRET security clearance
Active DoD Secret clearance preferred; If not already cleared, candidate will be required to obtain and maintain a Top Secret/SCI clearance as a condition of employment

Preferred

IAT III/CISSP or CASP+ preferred
Active DoD Secret clearance preferred

Benefits

Medical, Dental & Vision Coverage
Wellness Program
401(k) Matching
Disability (Short Term & Long Term)
Employee Assistance Program
Life Insurance
Education & Training
Generous Leave Policy (11 Federal Holidays, PTO, Military Leave, Bereavement and Jury Duty)

Company

By Light Professional IT Services

twittertwittertwitter
company-logo
BY LIGHT Professional IT Services is a provider of IT, cloud, cyber and infrastructure solutions to the US Federal Government.
dateFounded in 2002
location
Arlington, Virginia, USA
people-size1001-5000 employees
web-link
http://www.bylight.com

Funding

Current Stage
Late Stage
Total Funding
unknown
2017-05-31Acquired

Leadership Team

leader-logo
Bob Donahue
CEO By Light
linkedin
leader-logo
Mike Bowser
Chief Operating Officer
linkedin

Recent News

PR Newswire
By Light Implements APS for Government Compliance
2026-01-07
Business Wire
Cole Engineering Awarded Hybrid Force-on-Force Small Arms Training System
2025-12-01
PR Newswire
By Light Deemed "Awardable" in P1 Solutions Marketplace
2025-10-09
Company data provided by crunchbase