Key skills
AWSTerraformCloudFormationEC2LambdaS3RDSIAMCloudWatchCommunicationWAFFirewall
About this role
ITility is a Service-Disabled Veteran-Owned Business seeking an experienced Senior Cloud Engineer to support a mission-critical enterprise modernization initiative for the Department of Defense. The role involves designing, securing, and sustaining AWS GovCloud environments to host mission-essential systems and ensuring high availability and disaster recovery strategies.
Responsibilities:
- Design and architect AWS GovCloud environments including VPCs, subnets, route tables, gateways, NAT configurations, and hybrid connectivity models
- Configure and manage Palo Alto firewalls in cloud environments, including policy management and traffic inspection
- Implement and manage AWS Transit Gateways, VPN tunnels, and secure interconnections between enterprise and cloud environments
- Architect and maintain Web Application Firewalls (WAF) to protect mission applications
- Support autoscaling, high availability, and disaster recovery strategies aligned to COOP requirements
- Develop and maintain Infrastructure as Code (IaC) using Terraform, CloudFormation, or equivalent tools to automate provisioning and enforce configuration standards
- Monitor cloud infrastructure using AWS-native and third-party tooling (CloudWatch, Security Hub, SIEM integration) to ensure uptime, performance, and security posture
- Support secure migration and interoperability within DoD enterprise boundaries
- Troubleshoot connectivity issues across hybrid cloud environments
- Provide structured training to the Network Team on cloud networking architecture, VPN management, firewall configurations, and AWS operational best practices
- Develop technical documentation, playbooks, and configuration guides
- Lead knowledge-sharing sessions to increase enterprise cloud competency
Requirements:
- U.S. Citizenship required; ability to obtain and maintain a DoD Secret clearance
- AWS Certified Solutions Architect – Professional
- CompTIA Security+ CE or equivalent (DoD 8570/8140 IAT II)
- Minimum of eight (8) years of progressive experience in cloud engineering, with a minimum of 4 years in AWS GovCloud or equivalent federal cloud environments
- Hands-on experience with Palo Alto Networks firewall platforms, Panorama management, and advanced threat prevention policies
- Demonstrated expertise in AWS architecture and services: EC2, VPC, IAM, S3, RDS, Lambda, CloudTrail, AWS Config, and Security Hub
- Strong working knowledge of DISA STIGs, RMF, NIST 800-53, and federal cloud compliance frameworks
- Proficiency in Infrastructure as Code tools such as Terraform or AWS CloudFormation
- Experience supporting ATO processes and working alongside ISSOs and security assessors
- Solid understanding of hybrid cloud networking, DNS, routing protocols, and PKI/certificate management in federal environments
- Strong documentation and communication skills