Cloud Developer/Engineer - Active Top Secret/SCI/FSP required!!! Reston, Virginia · Government/Military Apply Now Cloud Developer/Engineer Full-time, W2 only U.S. Veterans preferred On premise at Government facility Requires TS/SCI, Full Scope Poly (must have already and be current, no exceptions) Immediate hire introduction The Sponsor plans to build a new secure cloud-based enclave and migrate off of legacy on-premises infrastructure. The Sponsor requires cloud engineering support to help design and build the new cloud enclave, perform Operations and Maintenance (O&M) tasks, evolve and enhance the cloud architecture once the build out and migration is complete, help continuously identify and mitigate system and data risks and achieve and maintain Assessment & Authorization (A&A) compliance. Work requirementS Cloud Engineering Support – HRR: YES + The Contractor shall work closely with the Sponsor for work prioritization. + The Contractor shall set up, configure, update and maintain the Sponsor’s AWS cloud-based enclave, in all environments including PRODUCTION. + The Contractor shall work in close coordination with the cloud vendor’s Professional Services as the cloud-based enclave is initially designed and stood up. + The Contractor shall take the lead, in coordination with the Sponsor, in implementing the new cloud-based enclave architecture as well as moving mission data into the cloud for the migration from the legacy (Windows-based) on-premises enclave. + The Contractor shall reach out to partners for technical details and solutions related to system implementation and security. + The Contractor shall execute cloud engineering tasks to support the Sponsor’s information technology enterprise, as well as related tasks such as documentation, knowledge transfer, configuration management, systems security-related tasks and planning activities. + The Contractor shall provide technical support and assist in the timely resolution of technical issues related to the Sponsor’s cloud environment and systems. + The Contractor shall support system requirements gathering and refinement as directed by the Sponsor, and provide technical expertise on cloud computing techniques and technologies. + The Contractor shall coordinate with and participate in meetings with internal and external teams and partners. + The Contractor shall monitor current, and estimate future cloud-related costs and provide recommendations to the Sponsor for cost-optimization strategies. + The Contractor shall provide input and recommendations to Sponsor staff and coordinate with the Information System Security Manager (ISSM) staff as necessary to help achieve and maintain ATO for the Sponsor’s cloud enclave. + The Contractor shall provide support for application deployments, fixes and configuration changes in the cloud environment. + The Contractor shall plan and implement backup and Disaster Recovery (DR) solutions in accordance with Sponsor’s requirements. + The Contractor shall evaluate cloud strategy and architecture and provide recommendations and roadmaps for changes to improve security, reduce cost, and streamline operations to the Sponsor. + The Contractor shall select appropriate cloud services to design and deploy applications based on given requirements. + The Contractor shall create functional design specifications, architectures, and render support to other cloud project deliverables. + The Contractor shall design, build and maintain high availability cloud-based IT systems. + The Contractor shall use Infrastructure-as-Code principles and automation within cloud environments to reduce the risk of errors, streamline operations and facilitate repeatability. + The Contractor shall keep the Sponsor informed of security, data integrity or technical risks. + The Contractor shall work off-hours on occasion to support deployments, fixes or operations (happens rarely). + The Contractor shall identify, analyze, and resolve infrastructure vulnerabilities and application deployment issues. + The Contractor shall perform O&M tasks related to Sponsors enclave. + The Contractor shall perform cloud activities including but not limited to; Create and configure virtual private clouds (VPCs), Create EC2 instances, Create RDS instances, Create and secure AMIs that meet security requirements, Create, manage, and test Lifecycle policies for backup and DR purposes, Create public and private subnets, Create auto scaling groups, Configure load balancers, Configure security groups, Create users and groups in cloud environments, Integration with external services. required skills and demonstrated experience The Contractor shall have the following required current skills, certifications, and demonstrated experience: + Demonstrated experience including knowledge of Best Practices for implementing the security services provided by Amazon AWS (such as Identity Management, Secure Tokens, Cloud Watch and Cloud Monitoring). + Demonstrated experience with knowledge of security constraints and required protections for enclave accreditation in an AWS cloud. + Demonstrated experience making virtual machine configuration changes necessary to resolve trouble tickets or to comply with security requirements and IT best practices. + Demonstrated experience, within the last two (2) years, setting up and maintaining an AWS-cloud based VPC. + Demonstrated experience deploying and maintaining Windows environments in AWS. + Demonstrated experience, within the last six (6) months, managing MS Product Suite. + Demonstrated experience, within the last six (6) months, managing MS SQL. + Demonstrated experience, within the last six (6) months, managingMS Server 2012/2016/2019/2022. + Demonstrated experience, within the last six (6) months, deploying and managing log aggregation systems, such as Splunk. + Demonstrated experience, within the last six (6) months, maintaining system accreditation. + Certification(s): + AWS Cloud Solutions Architect - Professional Highly Desired skills and demonstrated experience Skills and demonstrated experiences that are highly desired but not required to perform the work include: + Demonstrated experience with knowledge of security constraints and required protections for enclave accreditation in an AWS cloud in the Sponsor’s environment. + Demonstrated experience transitioning an on-premises enclave solution to a virtual private cloud (VPC). + Demonstrated experience making application software and operating system configuration changes necessary to resolve trouble tickets or to comply with Sponsor requirements and IT best practices. + Demonstrated experience evaluating and mitigating software security vulnerabilities. + Demonstrated experience with continuous monitoring from a security perspective. + Demonstrated experience obtaining Certification and Accreditation within the Sponsor’s environment. + Demonstrated experience with the Sponsor’s unique IT infrastructure and ongoing projects. + Demonstrated experience executing O&M tasks as necessary to support the Sponsor’s software and hardware infrastructure. + Demonstrated experience understanding and implementing Multi Factor Authentication (MFA) with AWS. + Demonstrated experiencing managing Windows services and devices. This experience should be related to managing a Windows based enterprise, such as maintaining Server ISOs and related AMIs, COTS updates, managing domain forests and group policy objects, user role-based authentication in active directory. + Demonstrated experience managing LDAP authentication with COTS applications, load balancing and gateway services related to remote desktop service deployments. + Demonstrated experience with troubleshooting errors utilizing Event Viewer and Splunk logging. Physical Requirements PHYSICAL DEMANDS: The physical demands are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is frequently required to stand, talk, hear, walk, sit, and use fingers, tools or controls. The employee is occasionally required to reach with hands and arms and stoop, kneel, crouch, or crawl. Specific vision abilities required by this job include close vision such as to read handwritten or typed material, the ability to adjust focus, and depth perception. While performing the duties of this job, the employee may occasionally push or lift up to 25 lbs. TMG is the proud recipient of the Employer Support of Guard and Reservists by the SECDEF and a HireVets Department of Labor recipient. TMG is an Equal Opportunity Employer.