NLM Cloud Engineer I
Washington, Utah, United States of America
Full Time
5 days ago
No H1B
Key skills
TerraformKubernetesDockerAnsibleOpenShiftIAMPrometheusGrafanaGitHubGitLabBitbucketVersion ControlServiceNowJiraConfluenceCI/CDRisk ManagementCommunicationOWASPPenetration Testing
About this role
Lexical Intelligence provides software and services related to processing large-scale biomedical information sources. They are seeking a Cloud Engineer I to work within the National Library of Medicine, focusing on cloud infrastructure administration, DevOps engineering, and cybersecurity compliance.
Responsibilities:
- Recommend, deploy, and manage version control systems; support NLM's use of Bitbucket, GitLab, and other platforms as needed
- Implement and administer CI/CD pipelines for all approved development frameworks at NLM, utilizing tools such as GitLab, GitHub, TeamSite, Nexus, Kubernetes, Ansible, and Terraform
- Recommend and configure Infrastructure as Code (IaC) tools to support scalable, repeatable deployments
- Implement, administer, and support cross-datacenter deployments using Docker and other containerization tools
- Set up, administer, and maintain elastic and cost-efficient container orchestration environments using Kubernetes, Anthos, and/or OpenShift
- Provide monitoring and logging capabilities to collect, store, and analyze data on application performance and infrastructure availability using EFK stack, Prometheus, Grafana, and other tools
- Recommend and configure vulnerability scanners and penetration testing tools; conduct ongoing vulnerability assessments and threat identification using Tenable, Prowler, Netsparker, Checkmark, and OWASP
- Provide day-to-day cloud operations support, including secure remote access administration, compute and cost model analysis, and implementation of selected cloud solutions
- Support cybersecurity and risk management activities across NLM enterprise systems, including application, network, system, and database security; resolve identified software, firmware, system, and hardware vulnerabilities within prescribed timeframes
- Assist the Government in creating, developing, and maintaining Authority to Operate (ATO) documentation and System Security Plans (SSPs) on an annual basis and as needed
- Track and manage current known vulnerabilities using Tenable Security Center
- Provide technical support for systems and database design; coordinate and implement open-source software such as Apache server services
- Administer, configure, and maintain distributed computing systems using batch queuing software and open-source map/reduce frameworks
- Provide customer service to internal and external staff; resolve issues in a highly technical environment through clear communication, administer user accounts, monitor system performance, and track problem reports through JIRA, ServiceNow, and/or equivalent ticketing systems
- Create and maintain technical documentation using Confluence Wiki and other tools
- Support cloud development and cloud computing infrastructure for production web services, high-performance computing, and high-throughput processing environments; administer commercial cloud accounts through IAM and monitor cloud resource utilization efficiency
- Assist in implementing, maintaining, and executing computer security practices in accordance with Government FISMA policies, including firewalls, intrusion detection, secure computing environments, and disaster recovery
- Provide technical support and guidance to development teams for migration to and utilization of the DevOps platform
- Ensure compliance with organizational security and privacy policies, protect sensitive data and systems, report security incidents within required timeframes (no later than one hour of discovery), and participate in required annual cybersecurity and privacy training per HHS/NIH requirements
- Implement secure coding best practices as directed by US-CERT standards and OWASP guidelines