DescriptionEssential Functions:AWS Cloud Infrastructure Management: Architect, deploy, and maintain scalable AWS environments using Infrastructure-as-Code (Terraform).Security Focus: Ensure the security and compliance of AWS resources, including configuring and managing AWS security groups, IAM roles/policies, and implementing best practices in cloud security.NIST Compliance: Ensure cloud infrastructure adheres to NIST 800-171 and other relevant security frameworks. Implement, monitor, and maintain controls for compliance with federal and industry standards.Automation and Scripting: Develop automation scripts using Terraform, Python to streamline cloud operations, improve security monitoring, and optimize deployment pipelines.Monitoring & Optimization: Implement and manage AWS monitoring tools (CloudWatch, AWS Config, etc.) to track performance, cost, and compliance issues. Proactively recommend changes to improve efficiency and reduce costs.AWS Billing Management: Manage AWS account billing structures, ensuring accurate allocation of costs to appropriate accounts, projects, or departments. Monitor billing reports and provide regular updates to stakeholders on AWS spending breakdowns.Collaboration: Work closely with DevOps, development teams, and security teams to design secure and scalable cloud-based solutions. Educate and guide teams on best practices in AWS security and governance.Experience and Skills Required:Experience: 7+ years of experience managing cloud environments, with at least 3 years in AWS.Terraform Expertise: Hands-on experience designing and implementing AWS infrastructure using Terraform.AWS Security Knowledge: Strong understanding of AWS security services including IAM, VPC, Security Groups, CloudTrail, KMS, Systems Manager.Cloud Compliance: In-depth knowledge of NIST cloud compliance requirements (relating to 800-171) and experience implementing security controls in cloud environments.Programming/Scripting: Proficiency in Python or similar languages for automation, scripting, and integration tasks.DevOps and CI/CD Tools: Familiarity with DevOps methodologies and tools like Git, GitLab CI/CD, Docker, and Kubernetes.Certifications: AWS Certified Solutions Architect, AWS Certified Security - Specialty, or similar certifications are highly preferred.AWS Billing Management: Experience managing AWS billing accounts, including setting up billing structures, monitoring cost allocation across multiple accounts or projects, and providing accurate reporting to stakeholders.Preferred:Experience working in environments with strict security and regulatory requirements such as financial services, healthcare, or government.Experience with containerization and orchestration tools such as Docker and Kubernetes.Knowledge of serverless architecture (e.g., AWS Lambda) and microservices design.Experience with AWS Billing Tools such as AWS Organizations, AWS Cost Explorer, and AWS Consolidated Billing for managing account structures and billing breakdowns.Familiarity with monitoring and alerting tools like Prometheus, Grafana, FluentBit.Strong problem-solving skills with an emphasis on proactive security measures.Education:Bachelor’s degree in CS, Software Engineering or other IT-related field or equivalent experienceQualificationsEducationPreferredBachelor of Science or better in Computer ScienceExperienceRequired7+ years of experience managing cloud environments, with at least 3 years in AWS.Equal Opportunity Employer/Protected Veterans/Individuals with DisabilitiesThe contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)