ROLE- Cloud Infrastructure Engineer
Location- Hybrid (1 day a week on site) in Fairfax, VA
DURATION:6+ MONTHS
Rate:$75-$85/hr on w2
Must haves from the manager:
Experienced with AWS, Terraform and EKS
Strong experience with cloud infrastructure.
Ideally need someone that is Experienced on Federal Government Contracts but can be flexible on this for the right candidate.
Job Description:
Senior Infrastructure Engineer
Role & Responsibilities:
Our client is seeking a Senior Infrastructure Engineer (AWS / Terraform / EKS) to join the Infrastructure & Cloud Team supporting the CDM Data Service federal programs under DHS CISA. This role focuses on designing, building, and operating secure, repeatable AWS environments within a FedRAMP and ATO-governed context. The engineer will work in an environment where all deployments are infrastructure-as-code, peer-reviewed, and fully auditable. The successful candidate will combine hands-on AWS engineering depth with a strong sense of operational discipline, automation, and compliance awareness.
We are seeking dynamic, energetic, and engaging team members who love challenges! The ideal candidate will be able to align to the following duties:
Design, build, and maintain Infrastructure-as-Code using Terraform (modules, S3/DynamoDB remote state, OPA/tfsec policy integration).
Provision, upgrade, and manage EKS clusters, including namespaces, Helm-based add-ons (cert-manager, ESO, Confluent Operator), and IAM roles for service accounts.
Design, configure, and troubleshoot AWS VPC networking, including routing, TGWs, DNS, DHCP, endpoints, NACLs, and security groups.
Implement and secure microservices on EKS with proper connectivity to AWS services (S3, ECR, Secrets Manager, IAM).
Automate infrastructure deployments using GitHub Actions (or self-hosted runners), cross-account IAM role assumptions, and CI/CD policy gates.
Collaborate with security and applications teams to enforce least-privilege IAM, automate compliance evidence collection, and support RMF/ATO documentation.
Diagnose and resolve complex issues spanning containers, Kubernetes networking, and AWS layers (VPC Zscaler - C-TIPS - SaaS endpoints).
Support observability, logging, and monitoring through integration with Elastic, ScienceLogic, or AppDynamics to meet SLA and audit requirements.
Mentor and guide junior engineers through knowledge sharing, paired engineering, and process standardization.
Evaluate and improve infrastructure design for policy compliance, resiliency, and performance tuning.
Develop and maintain SOPs and playbooks that align with program governance.
Required Skills:
Bachelor's degree or 8 years of relevant experience.
6+ years designing, implementing, securing, and maintaining AWS Cloud infrastructure (CAWS, GovCloud, or equivalent).
5+ years of experience with Terraform (advanced modules, state management, policy enforcement).
5+ years' operating Kubernetes/EKS clusters, provisioning, scaling, networking, and Helm lifecycle management.
5+ years of infrastructure experience related to network security
Strong networking foundation: TCP/IP, DNS, DHCP, TLS, routing, subnetting, NACLs, and endpoint connectivity.
Proficient scripting/automation using Python or Bash, YAML/JSON templating, and Git-based workflows.
Experience in security compliance environments (FedRAMP, FISMA, NIST 800-53) and supporting ATO documentation.
Demonstrated ability to collaborate cross-functionally with Security, DevSecOps, and CI/CD teams to maintain compliant, auditable infrastructure.
Strong communication skills with the ability to interface effectively with stakeholders from engineers to senior management.
Nice to have Skills:
Prior DHS CISA mission experience or experience in federal secure cloud operations.
Experience designing and documenting security controls for System Security Plans (SSPs) and FISMA accreditation.
Experience operating in multi-account AWS environments with strong IAM, SCP, and segmentation practices.
Familiarity with observability tooling (Elastic, ScienceLogic, AppDynamics) and integrating metrics/log pipelines with EKS.
Understanding Zero Trust architecture and Cloud-Native ATO automation practices.
Experience in TLS and certificate management (ACM, ACM-PCA).
AWS Associate or Professional-level certification(s) (e.g., Solutions Architect, DevOps Engineer).
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
- Dice Id: 10334366
- Position Id: twss20260113R93
- Posted 13 hours ago
Never miss an opportunity! Create an alert based on the job you applied for.
