AWS Systems Engineer/Solutions Architect 4 - Falls Church, VA

Position Summary

Seeking an AWS Systems Engineer/Solutions Architect 4 able to work with a dynamic team of system engineers and administrators responsible for design decisions, implementation, operations & maintenance, and cybersecurity for large complex resilient hybrid-cloud infrastructure to ensure implemented solutions meet stakeholder needs, standards, and performance requirements.

Responsibilities

• Work closely with stakeholders to gather technical requirements, architect solutions, execute on deliverables, and communicate solutions to the entire technical program team and to end-customer stakeholders.
• Work to diagnose and solve complex performance, availability, and information assurance issues.
• Diagnose and remediate complex systems availability, performance, and information assurance issues in a dynamic, always-on, mission critical environment.
• Assist with the analysis, evaluation, engineering, and implementation of system improvements, automation, optimization, and deployments.
• Document designs, and changes to infrastructure environment including physical/logical drawings, engineering design plans, implementation plans, transition plans, test plans, and failover plans.
• Perform security updates to hardware and software to ensure the security posture across all systems implemented and managed.
• Research, prototype, and develop emerging technologies by working closely with industry partners and OEMs to implement the latest and best-in-bread capabilities to meet the customers emerging needs.
• Essential responsibilities and activities include but are not limited to:
  • Manage and maintain Virtual Private Cloud (VPC) in support of application functionality.
  • Deploy hardware-based/virtual servers in support of system and application requirements.
  • Manage and maintain hardware-based or virtual router and/or FW instances supporting network access.
  • Configure network access, firewall rulesets, and security groups.
  • Manage configuration policies using automated methods (i.e. scripts, CLI).
  • Provide account management of cloud environments, including creating accounts for hosted application administrators, configuring Multi-factor Authentication via smartphone app (e.g., Google or Microsoft authenticator) for account access, and removing accounts that are no longer required by app administration team.
  • Manage and maintain required IP space, subnets, route-tables, and Internet gateways.
  • Apply security focused STIGs and patches and update network OS images as required.
  • Assist application developers in developing/employing security groups allowing only required ports and protocols from approved sources and destinations.
  • Employ configuration management best practices to include required documentation and disaster recovery processes.

Position / Candidate Requirements

• Applicants selected will be subject to a government security investigation and may meet eligibility requirements, including U.S. Citizenship, for access to classified information; ability to obtain an active DoD SECRET clearance is required
• 7-9+ years of experience Bachelor's degree in System Engineering, Computer Science, Information Systems, Engineering Science, Engineering Management, or related discipline from an accredited college or university.
• One or more AWS certification that shows Cloud Training
• Candidates will be required to obtain at least one AWS professional level certification in their first six (6) months of employment. e.g., AWS Solutions Architect Expert, AWS Security engineer Associate, etc.
• Experience managing and maintaining cloud environments.
• Strong engineering experience with the following core platforms and services:
  • Experience with systems administration in Linux and Windows Server.
  • Experience integrating and troubleshooting systems in hybrid-cloud environments.
  • Experience creating, analyzing, and automating Linux scripts (e.g., Bash, Ansible).
  • Experience integrating/understanding multi-factor authentication (MFA, 2MFA).
  • Experience implementing and securing services relating to remote connections.
  • Experience developing, implementing, and maintaining highly secure and reliable solutions that meet organizational Cybersecurity and Information Assurance requirements (such as NIST 800-53, NIST 800-171, FISMA, FEDRAMP).
  • Experience performing security scans, performing system updates, and applying security configurations, e.g., DISA STIG/SRGs to system hardware and software.
  • Experience with network devices and integration to include VPNs, firewalls, and routing.
  • Meet DoD 8570 IAT Level-II requirements.
• Strong oral, written and presentation skills with the ability and experience communicating with customers at various levels.
• Demonstrated background working with multidisciplinary teams.
• Demonstrated time management and organization skills to meet deadlines and quality objectives.
• Strong MS Excel, Word, PowerPoint, and Visio Skills is a plus.

Desired / Advantageous Qualifications and Experience

• Experience writing technical analysis papers, conducting analysis of alternatives.
• Experience with DoD IT security requirements including DISA STIG/SRGs.
• Understanding of Department of Defense standards and best practices
• Employ configuration management best practices to include required documentation and disaster recovery processes.

Abilities:

• Exposure to computer screens for an extended period of time.
• Sitting for extended periods of time.
• Reach by extending hands or arms in any direction.
• Have finger dexterity in order to manipulate objects with fingers rather than whole hands or arms, for example, using a keyboard.
• Listen to and understand information and ideas presented through spoken words and sentences.
• Communicate information and ideas in speaking so others will understand.
• Read and understand information and ideas presented in writing.
• Apply general rules to specific problems to produce answers that make sense.
• Identify and understand the speech of another person.