This is a remote position.
Position Summary
The Technical Lead owns the architecture, code quality, security implementation, and AWS-native operations of the FFSDCS system. This includes the existing ASP and CLFS modules, currently a Java enterprise (J2EE / Jakarta EE) application backed by a SQL relational database (Amazon RDS) and integrated with CMS shared services (CMS Enterprise Portal, EIDM/IDM), and the new Ground Ambulance Module to be developed under this task order. The Technical Lead plans, conducts, directs, and supervises all technical work; ensures conformity with CMS quality and SDLC standards; and is the contractor's senior technical interface with CMS architects and security personnel.
Key Responsibilities
• Own the end-to-end technical architecture of the FFSDCS, including the AWS-hosted application platform, SQL database, integration with the CMS Enterprise Portal and EIDM/IDM, and the multi-zone security boundary.
• Design and oversee implementation of the new Ambulance Module, a web-based data collection tool serving approximately 11,000 ground ambulance providers and suppliers (up to 50% sampled per reporting period) with screener-driven skip logic, file upload, manual entry, automated validation, and a certification step.
• Direct unit, integration, and quality assurance testing per Activity 4; ensure the 95% positive-execution validation criterion is met for each release.
• Author and maintain the System Design Document (SDD), Database Design Document, High-Level Technical Design, Logical Data Model, and all related XLC artifacts.
• Ensure all application code, web content, and user interfaces meet Section 508 accessibility standards (36 CFR Part 1194.21, .22, .31, and .41) and complete the Section 508 Product Assessment Template for each deliverable.
• Lead all CMS-invited code walkthroughs and reviews; maintain the Software Development Files (SDF) for each release, including emergency releases.
• Operate within and continuously harden the AWS-native security posture, including IAM least-privilege, KMS encryption at rest and in transit, Secrets Manager, VPC segmentation, AWS WAF, GuardDuty, Security Hub, and AWS Config rules mapped to CMS Acceptable Risk Safeguards (ARS) controls.
• Drive infrastructure-as-code (CloudFormation or Terraform), automated CI/CD, container scanning (if applicable), and DevSecOps tooling (static analysis, dynamic analysis, SCA) to support continuous ATO.
• Migrate to new CMS shared services as those contracts change, per Activity 2; maintain backwards-compatible operations during any cutover.
• Provide load and stress testing evidence supporting the anticipated 7,000 maximum users and 1,000 concurrent roles.
Requirements
Required Qualifications
• Education: Bachelor's degree in Computer Science, Software Engineering, Information Systems, or a related technical field. Master's preferred.
• Experience: Minimum 10 years of progressive technical experience, including at least 5 years as a technical lead or principal engineer on enterprise web-based applications at FISMA Moderate or higher.
• AWS-Native Architecture: Hands-on production experience with the following AWS services: EC2 and/or ECS/EKS, RDS (Aurora MySQL/PostgreSQL or RDS for MySQL), S3, VPC, ALB/NLB, IAM, KMS, Secrets Manager, CloudWatch, CloudTrail, AWS Config, GuardDuty, and AWS WAF. Demonstrated work in an AWS landing zone subject to FedRAMP Moderate or equivalent governance.
• Java Enterprise Stack: Strong J2EE / Jakarta EE and/or Spring Boot experience; application-server experience with WildFly, JBoss EAP, or equivalent; familiarity with Apache ActiveMQ or comparable messaging.
• Database: Production experience with relational SQL database design, query tuning, and operations (MySQL, Aurora MySQL, or PostgreSQL preferred).
• Online Application & File Interfacing: Demonstrated experience designing and operating online interactive forms, file upload/validation pipelines, and electronic data interchange, directly per SOW e(ii)(1).
• Healthcare Domain: In-depth experience with technical aspects of information management in the healthcare industry, processing healthcare and provider records, and CMS specifically, directly per SOW e(ii)(3).
• CMS Standards: Working knowledge of the CMS Expedited Life Cycle (XLC), CMS Technical Reference Model, CMS Acceptable Risk Safeguards (ARS), and CMS IT infrastructure standards, directly per SOW e(ii)(1).
• Multi-Platform Operations: Extensive experience operating multi-platform, multi-tool production environments, directly per SOW e(ii)(2).
• Section 508: Demonstrable experience implementing and testing to 36 CFR Part 1194.21, .22, .31, and .41 for software, web, and communications deliverables.
• Communication: Demonstrated ability to interact with CMS staff on a frequent and ongoing basis, directly per SOW e(ii)(4).
Preferred Qualifications
• Prior delivery within the CMS Cloud tenant model ("Batcave") or comparable HHS AWS landing zone.
• AWS Certified Solutions Architect - Professional, or AWS Certified DevOps Engineer - Professional.
• CISSP, CSSLP, or comparable security-focused engineering certification.
• Infrastructure-as-code experience with Terraform or AWS CloudFormation; CI/CD with CodePipeline/CodeBuild, GitLab CI, or Jenkins.
• Container experience with Docker and orchestration on Amazon ECS or EKS.
• Splunk experience for centralized logging (CMS-standard log aggregation).
• Experience with CMS shared services: CMS Enterprise Portal, EIDM/IDM, CFACTS.
• Experience with NoSQL on AWS (DynamoDB) where supplemental data stores are warranted.
Benefits
Standard Employee Benefits.
50% Health Insurance Paid by Innosoft, Paid Vacation, 401K Match, STD, LTD and AD&D paid by Innosoft.