DevSecOps Cloud Engineer

Gray Analytics was founded in 2018 with a vision to bring innovative and creative solutions in the cybersecurity, IT, engineering, and scientific spheres. Our customers span across the commercial and federal domains with our goal being to bring excellent customer service to our clients and employees.

Without the bureaucracy that often exists in larger corporations, Gray Analytics offers increased work flexibility, visibility in company progress, and greater opportunities for advancement. It's with our employees' support that we can help our clients achieve mission and operational success.

At Gray Analytics, our goal in the hypersonics directorate is simple: to help our country, DoD organizations, and industry partners successfully counter evolving threats to our nation and allies. Period.

Location: Huntsville, AL

Schedule: Immediate

Status: Full-time exempt

Position Description:

Seeking a skilled DevSecOps Cloud Engineer with a strong focus on Azure and AWS cloud service providers (CSPs), emphasizing security, collaboration, and efficiency. The ideal candidate will have a passion for designing, implementing, and maintaining secure, scalable, and resilient cloud infrastructures. This position requires someone who excels in cloud computing and is passionate about integrating security into the development lifecycle, working closely with our DevSecOps team. The candidate will support projects of varying classification levels and will contribute to the establishment and maintenance of secure, resilient cloud environments.

Responsibilities:

Cloud Architecture and Deployment

• Architect and deploy secure cloud solutions on Azure and AWS, ensuring systems are scalable and resilient and meet DoD compliance and security requirements.
• Design and implement cloud-native architectures, including:
  • Azure: Active Directory, Virtual Machines, Kubernetes Service, Virtual Network, Storage solutions, SQL Database & Cosmos DB, Security Center, and Sentinel.
  • AWS: EC2, ECS/EKS, VPC, S3 & Glacier, RDS & DynamoDB, Lambda, IAM, CloudFormation, and SAM.
• Design, deploy, and maintain cloud infrastructure services using AWS, Azure, and specifically Azure GovCloud, based on business requirements.

Security and Compliance

• Lead security initiatives within the cloud environment, including implementing security controls, vulnerability management, and compliance auditing.
• Implement best practices for cloud security, including IAM policies, encryption, and monitoring, focusing on compliance standards relevant to government cloud environments.
• Ensure compliance with industry standards, regulations, and Missile Defense Agency cybersecurity and IT policies and procedures, especially in government or regulated sectors.

DevSecOps Integration

• Collaborate with the DevSecOps team to refine CI/CD pipelines, integrating security testing and compliance checks for secure code deployment.
• Facilitating seamless integration of cloud and system administration tasks focusing on automation, security, and continuous improvement.

Monitoring and Optimization

• Conduct regular performance and security assessments of cloud infrastructures, working in tandem with the DevSecOps team to optimize system performance and resolve any issues promptly.
• Develop and maintain Infrastructure as Code (IaC) using tools like Terraform and Azure Resource Manager (ARM) templates to ensure consistent and repeatable deployments.

Continuous Learning and Improvement

• Stay abreast of the latest in cloud technologies, security practices, and compliance standards, sharing knowledge and best practices to foster a culture of continuous learning and improvement.

Required Qualifications:

Education and Experience

• Bachelor's degree in Computer Science, Engineering, or a related field (or equivalent work experience).
• 5+ years of experience in cloud engineering, with demonstrable expertise in Azure and AWS and a commitment to security best practices.

Technical Skills

• Proficiency in scripting and automation using Python, Bash, or similar languages.
• Experience with containerization and orchestration tools (Docker, Kubernetes).
• Familiarity with CI/CD pipelines and version control systems (Git).
• Strong understanding of cloud computing concepts, including IaaS, PaaS, and SaaS.
• Proficient in the use of DevSecOps tools and methodologies, with a strong foundation in scripting and automation (e.g., Terraform, Ansible, Jenkins).
• Experience with virtualization and infrastructure tools such as VMware vCenter, Nutanix, Veeam, NetBox, iDRAC, Dell OpenManage, and Eaton UPS.

Cloud Expertise

• Demonstrated expertise in:
  • Azure and AWS Services: Deep understanding and hands-on experience with key services including Azure AD, VMs, AKS, Azure Virtual Network, AWS EC2, ECS, VPC, and IAM.
  • Cloud Security Best Practices: Knowledge of encryption, identity and access management, network security, and compliance policies.
  • Monitoring and Logging: Experience with AWS CloudWatch, Azure Monitor, and other monitoring tools.
  • Cost Management: Ability to analyze and optimize cloud spending.

Networking Security

• Experience maintaining DoD-approved cloud services at varied classification levels and familiarity with networking concepts, including VPNs, VPCs, VNETs, load balancing, and network security groups.
• Solid understanding of network security and system administration principles, capable of effective cross-functional collaboration.

Preferred Qualifications:

Certifications

• Relevant cloud certifications (e.g., AWS Certified Solutions Architect, Azure Administrator, etc.), including specific certifications related to government cloud environments.
• Certifications include Azure Solutions Architect Expert, AWS Solutions Architect Professional, or relevant cloud security certifications.

Additional Experience

• Experience with big data technologies (Hadoop, Spark) and serverless computing.
• Knowledge of hybrid cloud architectures and migration strategies.
• Familiarity with DevOps practices and tools.
• Experience with Missile Defense Agency cybersecurity and IT policies and procedures
• Experience with developing formal builds within the DoD industry
• Experience with Agile software development methodology
• Experience with Git configuration management
• Experience automating repetitive system administration tasks
• Experience with single sign-on and multi-factor authentication guidelines and oversight
• Experience with online Collaboration tools (e.g., Teams, SharePoint, JIRA)
• Maintain operation of Red Hat Enterprise Linux (RHEL) computer systems

Security Requirements:

US Citizen with a current US DoD Secret Clearance or possess/meet the eligibility requirements to obtain and maintain a Secret Clearance.

About Gray Analytics

Gray Analytics values our employees as our most important resource. To showcase these values, we offer not only traditional medical, disability, life, etc. coverages that begin on day one of employment, but also unique benefits to improve our employees' quality of life. Some of these unique benefits include:

• A PTO policy based on total years of experience, not years of service to the company. PTO is available for use immediately at hire, subject to company needs.
• Eligibility for 401K contributions and company matching, Pet Insurance through Spot, Flexible Spending Account, and Tuition and Professional Development Funds begin on day one of employment.
• Charitable donations program on a yearly and quarterly basis where employees can nominate a non-profit of choice to receive donations.

Gray Analytics is an Equal Opportunity Employer and VEVRAA Federal Contractor. This contractor and subcontractor shall abide by the requirements of 41 CFR 60-1.4(a), 60-300.5(a) and 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on their race, color, religion, sex, gender identity, sexual orientation, or national origin. Moreover, these regulations require that covered prime contractors and subcontractors take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, protected veteran status or disability. Gray Analytics, Inc. welcomes minority and veteran applicants.