Remote Jobs Remote / WFH Teknologi & IT Full Time

Senior Cloud Infrastructure Engineer

Cesicorp

Remote Gaji dirahsiakan Posted 1 days ago
Location Remote
Salary Gaji dirahsiakan
Job Type Full Time · Remote
Country United States

Job Description

Full details about the role and requirements

Yukerja Summary

The Senior Cloud Infrastructure Engineer role at Cesicorp is curated from Remote Jobs (category Teknologi & IT). This role is marked as remote — check timezone and location requirements on the official listing. Yukerja.com is not the employer — applications are handled on the official source site.

Company Overview

By Light Professional IT Services LLC readies warfighters and federal agencies with technology and systems engineered to connect, protect, and prepare individuals and teams for whatever comes next. Headquartered in McLean, VA, By Light supports defense, civilian, and commercial IT customers worldwide.

Cole Engineering Services (CESI), a By Light company, is recognized as a premier provider of modeling and simulation (M&S) training solutions to the Federal Government and industry. Since 2004, CESI has been at the forefront of developing, maintaining, and integrating simulation-based training, serious gaming, technical services, training and other support in live, virtual, constructive, and gaming (LVCG) domains. CESI also designs, builds and runs infrastructure, platforms, applications and processes that enable cyber training for the integrated multi-domain force. Our vision is to become a worldwide full spectrum LVCG and cyber training/analysis developer, integrator and services provider.

Position Overview

Cole Engineering Services, Inc. is seeking a highly qualified Senior Cloud Infrastructure Engineer to lead implementation, security, and operations of mission-critical cloud environments that power DoD cyber training capabilities and applications. You will manage and develop resilient, compliant, and cost-optimized cloud platforms supporting cyber ranges, training orchestration, and multi-tenant applications in FedRamp approved cloud environments. You will partner closely with cybersecurity, DevSecOps, networking, and training operations teams to deliver secure, scalable capabilities aligned to DoD RMF, DISA STIGs, and the DoD Cloud Computing SRG (Impact Levels IL2–IL6).

In this role, you will be a key technical leader ensuring the DoD’s cyber training enterprise platforms are secure, resilient, and efficient, enabling cyber operators to execute complex cyber exercises at scale while meeting stringent compliance and mission

requirements.

This is a remote work position with periodic travel (10%) to DoD sites (CONUS) and to CESI Headquarters in Orlando, FL.

Responsibilities

Primary Position Functions

  • Support the design and maintain landing zones using cloud applications such as AWS Organizations, Control Tower, SCP guardrails, Identity and Access Management (IAM) multi-account patterns, and VPC architectures (Transit Gateway, PrivateLink, NAT, IGW) for enclave isolation and cross-domain needs.
  • Engineer high-availability, multi-Region solutions leveraging cloud tools such as EC2, EKS/ECS Fargate, RDS/Aurora, DynamoDB, S3/EFS/FSx, Load Balancers, Route 53, and API Gateway.
  • Implement Zero Trust-aligned patterns (micro-segmentation, strong identity, continuous verification) consistent with DoD Zero Trust guidance.
  • Implement security controls and evidence generation for RMF ATO packages (SSP, SAR, POA&M) in coordination with cybersecurity teams.
  • Apply DISA STIGs (OS, DB, Kubernetes, Container) and SRG

requirements for workloads at IL2–IL6

  • Tailor and automate STIG application using IaC and configuration management.
  • Integrate encryption and key management with cloud tools such as AWS KMS/HSM; enforce IAM least privilege, SCPs, permission boundaries, ABAC, and robust secrets management.
  • Implement cloud logging and metrics tools such as CloudTrail/CloudWatch/GuardDuty/Config for comprehensive audit and detection.
  • Align architectures with FedRAMP Moderate/High baselines when required and ensure boundary compliance for controlled workloads.

Networking and Connectivity

  • Develop secure connectivity (AWS Direct Connect/VPN), hybrid routing, and segmentation; implement TLS mutual auth, certificate management, and private service endpoints.
  • Design logging and telemetry pipelines (CloudWatch, OpenTelemetry, Kinesis, S3, SIEM integration such as Splunk/ELK) with retention, metadata/tagging, and data lifecycle policies.
  • Own SLOs/SLAs for platform services.
  • Implement autoscaling, health checks, and proactive capacity management.
  • Lead cost management and alerting practices of cloud environments in coordination with project leads.
  • Provide Tier 3 support, on-call rotations during exercises, and incident response coordination with cybersecurity and training operations.

Program and Stakeholder Engagement

  • Collaborate with agile teams and product owners to translate training

requirements into platform capabilities.

  • Provide mentorship for junior engineers.
  • Establish standards, design reviews, and repeatable processes.
  • Present cloud solutions to project leadership and accreditation authorities.

Required Experience/

Qualifications

  • Bachelor’s degree in a related technical discipline such as computer science or information technology from an accredited college or university.
  • 8–12+ years of experience in cloud/platform engineering with at least 5 years focused on Amazon Web Services (AWS) with a demonstrated leadership delivering secure, scalable, production-grade cloud-based systems.
  • DoD 8570/8140 compliance: IAT II (Security+) required; IAT III/CISSP or CASP+ preferred

Preferred Experience/

Qualifications

  • AWS Certifications: Certified Solutions Architect – Professional, Security – Specialty, and/or DevOps Engineer – Professional.
  • Kubernetes certifications: CKA/CKS.
  • Experience with HashiCorp Vault, Service Mesh (Istio), policy-as-code (OPA), and zero trust implementations in government environments.
  • Infrastructure-as-code mastery (Terraform and/or CloudFormation), pipelines (GitLab/Jenkins), and configuration management (Ansible/Chef).
  • Deep AWS tool expertise: Organizations/Control Tower, IAM, Bedrock, KMS/HSM, VPC/Transit Gateway, Direct Connect/VPN, EC2/EKS/ECS, RDS/Aurora, DynamoDB, S3/EFS/FSx, ELB/API Gateway/Lambda, CloudTrail/CloudWatch/Config/GuardDuty, Route 53, EventBridge/SQS/SNS.
  • Understanding of RMF accreditation (SSP, POA&M, Continuous Monitoring) and control implementation under NIST SP 800-53 Rev. 5.
  • Hands-on application of DISA STIGs and DoD Cloud Computing SRG for IL2–IL6 workloads.
  • Strong understanding of GovCloud (US) patterns and boundary controls.
  • Strong knowledge of networking fundamentals: TCP/IP, DNS, TLS/PKI, routing, micro-segmentation, Zero Trust patterns.
  • Logging/monitoring design and SIEM integration.
  • Incident response and troubleshooting across app, infra, and network layers.
  • Excellent communication, documentation, stakeholder engagement skills, and the ability to lead cross-functional initiatives.

Special

Requirements/Security Clearance

Please note that pursuant to a government contract, this specific position requires U. S. Citizenship status with ability to obtain a SECRET to TOP SECRET security clearance. Security Clearance

requirements will be specified in the Government's Task Order.

Active DoD Secret clearance preferred; If not already cleared, candidate will be required to obtain and maintain a Top Secret/SCI clearance as a condition of employment.

This job description is not designed to cover or contain a comprehensive listing of activities, duties or

responsibilities that are required of the employee. The above is intended to describe the general contents of and

requirements for the performance of this job.

Benefits Overview

CESI recognizes that our strength is our people. We support every employee as an individual to build strong teams across the enterprise. Our benefit package includes:

  • Medical, Dental & Vision Coverage
  • Wellness Program
  • 401(k) Matching
  • Disability (Short Term & Long Term)
  • Employee Assistance Program
  • Life Insurance
  • Education & Training
  • Generous Leave Policy (11 Federal Holidays, PTO, Military Leave, Bereavement and Jury Duty)

CESI is committed to principles of inclusion and equal employment opportunity. We foster a non-discriminatory, professional work environment for all our teams. We do not discriminate based on race, color, religion, sex, pregnancy, sexual orientation, gender identity, genetic information, national origin, age, marital status, disability, or veteran status.

Apply directly on RemoteJobs.org: https://remotejobs.org/remote-jobs/senior-cloud-infrastructure-engineer-cesicorp

Disclaimer: Yukerja.com is a job aggregator, not an employer. This listing is aggregated from Remote Jobs. Applications are processed on the official company or source site. We are not responsible for listing accuracy.

Tips for Applying to Senior Cloud Infrastructure Engineer

  1. Read the full description and ensure your skills match before applying to Cesicorp.
  2. Tailor your CV and cover letter to keywords in the job description — especially for Teknologi & IT roles.
  3. Click Apply Now to go to Remote Jobs. The hiring process is entirely on the source site.
  4. Prepare an updated portfolio or LinkedIn profile if required during screening.
  5. Beware of payment requests — legitimate jobs do not charge application fees.

Related articles: CV ATS · Career Blog & Tips