LMI is seeking an AWS Cloud Data Engineer to support a Department of Defense data modernization effort hosted on a DoD-accredited cloud platform in AWS GovCloud. The role involves designing, implementing, and validating a cloud-native data ingestion and persistence pipeline while coordinating with security teams and supporting multi-tenant data platform design.
Responsibilities:
- Design, implement, and maintain ingestion paths for multiple data stream types including structured files and APIs from DoD on-premises sources into an S3-backed landing zone using an approved transfer mechanism (e.g., AWS Transfer Family SFTP or equivalent)
- Design, implement, and maintain Lambda-based parsing functions that process incoming data and load structured output into a relational AWS database (Aurora or Amazon RDS)
- Integrate AWS Glue (or similar technology) to support data transformation and pipeline orchestration within the accredited environment
- Establish and document landing zone file handling patterns, such as raw, processed, rejected/error, and archive
- Support relational database selection, schema design, and configuration (Aurora or RDS) aligned to multi-tenant data isolation requirements
- Deploy and configure a data cataloging solution to support schema visibility, metadata management, and data discovery across tenant communities
- Validate scheduled backup configuration for selected databases and relevant data stores
- Coordinate with the platform security team on S3 encryption and access policy requirements, KMS key ownership, CloudTrail audit logging, and IAM role boundaries for tenant access
- Support ATO and ICA activities, including documentation of the inbound data connection from external infrastructure into the cloud environment
- Operate within IL4 and IL6 accredited environments, adhering to platform-established security controls and approval processes
- Author Architecture Decision Records (ADRs) for key technical decisions made during program execution
- Document the tenant onboarding operating model to capture access controls, data boundaries, shared services, cost visibility, and environment segmentation
- Track issues, decisions, and open questions in GitLab in alignment with established project conventions
Requirements:
- Active Secret clearance
- 4+ years of hands-on AWS cloud engineering experience, with demonstrated work in AWS GovCloud environments
- Proficiency with core AWS data and platform services: S3, Lambda, AWS Glue, RDS/Aurora, IAM, KMS, CloudTrail, CloudWatch, AWS Transfer Family
- Experience designing and implementing data ingestion pipelines for structured file and API-based ingestion patterns
- Familiarity with relational database design, schema management, and backup configuration in cloud environments
- Working knowledge of DoD cloud authorization environments, including Impact Level constraints and ATO/ICA processes
- Ability to operate independently in a fast-paced environment with government technical leads and platform security teams
- AWS certifications: Solutions Architect, Data Engineer, or equivalent
- TS/SCI eligibility
- Experience supporting DoD programs up to IL6
- Familiarity with AWS data catalog solutions, such as AWS Glue Data Catalog, Apache Atlas, or equivalent
- Knowledge of DoD RMF, interconnection agreement (ICA/ISA) requirements, and ATO documentation processes
- Experience onboarding a new tenant community into a shared, multi-tenant DoD cloud platform
- SOF operator or SOF-support background with understanding of SOF core activities and mission sets