We are seeking a highly capable Senior Cloud Engineer to spearhead cloud initiatives for our customer. In this hands-on role, you’ll architect and develop scalable cloud-native solutions using AWS, Azure, and Python, while ensuring best practices across architecture, development, deployment, and security. The Security Cloud Engineer will support the design and development of cybersecurity tools and technology along with integration of new architectural features into existing infrastructures while maintaining the integrity and security of enterprise-wide systems and networks.
RESPONSIBILITIES:
- Manage multiple assignments, changing priorities, and work independently with little oversight
- Deploy and manage applications on cloud platforms such as AWS and Azure
- Conduct periodic architectural reviews of installed sensors to assess effectiveness and propose optimal installation alternatives as required
- Documentation, Visio Diagrams and reporting along with presentation, teamwork and agency wide collaboration are among the expected duties and mission of the task order
- Hardware and software installations, upgrades, maintenance, security analysis and network performance and tuning of Windows and Linux servers in a virtual infrastructure
- Define system security & design requirements to meet FISMA and FedRAMP compliance standards
- Provide follow-up reports (technical findings, feedback, resolution steps taken) for Root Cause analysis, engineering technical assessment and process improvement initiatives
- Design, implement, and maintain CI/CD pipelines for secure, automated software delivery
- Develop infrastructure as code (IaC) using tools such as Terraform, Ansible, or CloudFormation
- Implement automated security tools for vulnerability scanning, static/dynamic application security testing (SAST/DAST), and container security
- Configure and optimize container orchestration platforms (e.g., Kubernetes, Docker)
- Mentor junior team members and contribute to continuous improvement of DevSecOps practices
- Candidates must possess one of the following certifications: CISSP, CCSP, MCSE, AWS Certified DevOps Engineer, Certified AWS SysAdmin, AWS Certified Advanced Networking, Azure Solutions Architect, Expert Azure Developer Associate
- BS degree in Science, Technology, Engineering or related field and 10-12 years of prior relevant experience with a focus on cybersecurity additional years of experience will be accepted in lieu of a degree
- Minimum 5+ years of Administration experience with cloud-based applications (MS O365, SharePoint, Azure AD, AWS)
- Experience installing, configuring, securing, and troubleshooting Microsoft Windows Server and Red Hat Enterprise Linux
- Extensive automation experience with PowerShell and Shell Scripting for automating repeatable tasks and installations
- Experience managing Active Directory (AD), Azure Active Directory, AD FS, single sign-on using SAML and Group Policy management
- Perform analysis of security posture by reviewing vulnerability and compliance scans and making recommendations for remediations and managing POA&Ms
- Hands-on experience with containerization and orchestration (e.g., Docker, Kubernetes)
- Solid understanding of networking, Linux/Unix systems, and version control systems (e.g., Git)
- Experience managing Azure Firewalls, AWS Network Firewall, AWS Network ACLs, AWS security groups, Azure network security groups, and related resources
- Solid understanding of developing and leveraging CI/CD pipelines (Continuous Integration/Continuous Deployment)
- Experience with Wiz, Axonius, Crowd Strike, Nucleus, and Network/Endpoint security tools
- Experience working with SIEM tools such as Splunk to ingest, normalize, store, and maintain data from endpoint, network, and application source types is a plus
- Experience working in an Agile environment and familiarity with Agile project management practices is a plus
The anticipated salary range for this position is $135,000 - 150,000. This range is a good-faith estimate and not a guarantee of compensation. Final compensation will be based on factors including experience, education, skills, geographic location, internal equity, market data and applicable contract requirements, and may fall outside the posted range.
Skills Required
- One of the following certifications required: CISSP, CCSP, MCSE, AWS Certified DevOps Engineer, AWS Certified SysOps Administrator, AWS Certified Advanced Networking, Azure Solutions Architect, Expert Azure Developer Associate
- BS in Science/Technology/Engineering or related field and 10-12 years relevant experience (additional experience may be accepted in lieu of degree)
- Minimum 5+ years administration experience with cloud-based applications (MS O365, SharePoint, Azure AD, AWS)
- Experience installing, configuring, securing, and troubleshooting Microsoft Windows Server and Red Hat Enterprise Linux
- Extensive automation experience with PowerShell and Shell scripting
- Experience managing Active Directory, Azure Active Directory, AD FS, SAML, and Group Policy
- Perform security posture analysis from vulnerability and compliance scans and manage POA&Ms
- Hands-on experience with containerization and orchestration (Docker, Kubernetes)
- Solid understanding of networking, Linux/Unix systems, and version control systems (Git)
- Experience managing Azure Firewalls, AWS Network Firewall, AWS Network ACLs, AWS security groups, and Azure network security groups
- Develop infrastructure as code (Terraform, Ansible, or CloudFormation)
- Implement automated security tools for vulnerability scanning, SAST/DAST, and container security
- Design, implement, and maintain CI/CD pipelines for secure, automated software delivery
- Experience architecting and developing cloud-native solutions using Python
- Ability to work two onsite days per week if residing within 50 miles of Arlington, VA (remote eligible if outside 50-mile radius)
- Experience with Wiz, Axonius, CrowdStrike, Nucleus (preferred)
- Experience with Splunk or other SIEM tools (preferred)
- Experience working in Agile environments and familiarity with Agile practices (preferred)
What We Do
For over 20 years, TDI’s one and only passion has been delivering cybersecurity solutions to effectively manage the business of cyber. At the global vanguard of innovation, we created Cybersecurity Performance Management (CPM) and the industry-leading CPM platform, CnSight®. Combining CnSight® with our remarkable historical experience and our exceptional capabilities of cyber operations and compliance, we offer Managed Cybersecurity Performance, a first of its kind managed CPM offering. TDI’s CPM solutions mitigate risk, reduce ransomware, provide continuous compliance, improve cyber-ROI, and provide comprehensive instantaneous visibility into how an organization is performing against its cyber strategy, particularly for Boards of Directors. CnSight® is the industry-leading Cybersecurity Performance Management (CPM) platform which mitigates risk, reduces ransomware, provides continuous compliance, improves cyber-ROI, and provides comprehensive instantaneous visibility into how an organization is performing against its cyber strategy, so executives and Boards may effectively manage the business of cybersecurity– the result: reduced stress, better performance, less cost, and a true understanding of cyber investment. With CnSight® at its core, TDI’s Managed Cybersecurity Performance offering ensures strategic cyber goals are met to protect an organization’s investments, assets and reputation by reducing the risk of ransomware, lowering cyber insurance premiums, improving ROI, reducing legal and fiduciary liability, delivering actionable reporting to the Board and C-Suite, providing on-call advice, ensuring continuous compliance and providing subject matter expertise on the organization’s behalf in meeting with the C-Suite and the Board, dealing with auditors, and supporting budget decisions – the result: reduced stress, better performance, less cost, and a true understanding of cyber investment.








