AWS Workspaces Cloud Engineer

AWS Workspaces Cloud Engineer, Remote

• 4 Month+ Contract (Potential for longer term)
• 100% Remote
• NO THIRD PARTY RECRUITERS PLEASE! CANDIDATES MUST BE SELF-REPRESENTED.

Description

Seeking a strong Mid-Senior Level AWS WorkSpaces Cloud Engineer for a short-term contract supporting a high-impact team delivering secure, compliant, and scalable AWS solutions for virtual desktop infrastructure. This is a hands-on engineering role focused on building, automating, and operating Amazon WorkSpaces environments while supporting large-scale deployments, migrations to cloud-based desktops, and modernization of end-user computing for mission-critical systems.

Responsibilities

• Implement and manage AWS WorkSpaces deployments, including provisioning, bundling, scaling, and optimization using AWS Management Console, AWS CLI, SDKs, and automation tools
• Design and configure WorkSpaces directories (AWS Managed Microsoft AD, AD Connector, Simple AD, or Microsoft Entra ID integration), including trusts, OU selection, and directory synchronization
• Build and maintain infrastructure-as-code (IaC) for WorkSpaces environments using Terraform, AWS CloudFormation, AWS CDK, or scripts (PowerShell, Python, Bash)
• Execute virtual desktop migrations and transitions (rehost on-premises VDI to WorkSpaces, refactor applications for streaming, replatform to cloud desktops) using AWS tools and best practices
• Configure secure networking and access controls including VPCs, security groups, IP access control groups, PrivateLink (where applicable), AWS Global Accelerator, and integration with on-premises connectivity (Direct Connect, Site-to-Site VPN)
• Implement Zero-Trust security and identity solutions using AWS IAM, AWS SSO/IAM Identity Center, multi-factor authentication (MFA), certificate-based auth, SAML 2.0 federation, and Conditional Access policies
• Integrate and operate DevSecOps pipelines with AWS CodePipeline, CodeBuild, CodeDeploy, GitHub Actions, and security tools (Amazon GuardDuty, AWS Security Hub, AWS Config, Amazon Inspector)
• Automate compliance monitoring, evidence collection, and reporting using AWS Config rules, AWS Security Hub, CloudTrail, and custom automation for standards such as FedRAMP, NIST 800-53, or similar regulatory requirements
• Support application streaming and containerized/hybrid workloads, including integration with Amazon AppStream 2.0, WorkSpaces Thin Client, or related EUC services
• Troubleshoot production issues in WorkSpaces environments, perform root cause analysis, optimize performance/latency/cost, and manage updates, image builds, and bundles
• Contribute to architecture review packages, security documentation, diagrams, and authorization-to-operate (ATO) artifacts
• Collaborate daily with cloud architects, security engineers, VDI specialists, developers, and stakeholders

Requirements

• 4+ years of hands-on experience building and operating production workloads in AWS (commercial and/or Government)
• 2+ years working specifically with Amazon WorkSpaces and AWS End User Computing (EUC) services
• Strong proficiency in Infrastructure as Code: Terraform (required), CloudFormation/CDK (strong plus)
• Experience deploying and managing AWS WorkSpaces at scale, including directory services integration and bundle management
• Solid understanding of AWS networking (VPC, security groups, access controls, connectivity options) and protocols relevant to virtual desktops (PCoIP, DCV)
• Hands-on experience with AWS DevOps tools (CodePipeline, CodeBuild, CodeDeploy) and GitHub Actions
• Familiarity with AWS security services (IAM, GuardDuty, Security Hub, Config, CloudTrail)
• Scripting and automation skills: PowerShell (required), Python or Bash (plus)
• U.S. citizenship and ability to obtain and maintain appropriate clearance (e.g., Public Trust)

Preferred Qualifications

• Active AWS certifications:

o AWS Certified Solutions Architect Associate or Professional

o AWS Certified SysOps Administrator Associate

o AWS Certified DevOps Engineer Professional

o AWS Certified Security Specialty

• Experience with compliance frameworks such as FedRAMP High, NIST 800-53, or agency-specific controls (e.g., CMS ARS equivalents)
• Prior work on virtual desktop infrastructure (VDI) projects, migrations from on-premises Citrix/VMware Horizon to AWS WorkSpaces
• Knowledge of Amazon AppStream 2.0, WorkSpaces Thin Client, AWS Global Accelerator, or related EUC optimizations
• Experience with Active Directory in AWS (Managed AD, AD Connector), SAML federation, MFA, and certificate-based authentication
• Familiarity with cost optimization, performance tuning, and high-availability configurations for WorkSpaces
• Active Public Trust clearance or higher

Please Note:

• Only those individuals selected for an interview will be contacted.
• No calls, inquiries, or Third-Party Vendors please.
• We are an equal opportunity employer. We encourage applications from candidates of all backgrounds and experiences. (The ACI Group is unable to sponsor H1B Visas).
• $1000 Referral Bonus - ;/li>

Since 1988, The ACI Group, a Baltimore-based staffing firm, has been committed to hiring the industry's leading professionals, and presenting exciting career opportunities. We have access to varied types of contract, permanent and contract-to-perm positions and offer a choice of employment options including a full benefits package.