Staff Mission Cloud Engineer

As a Staff Mission Cloud Engineer, you will be a critical technical expert architecting and managing multi-cloud infrastructure across multiple platforms and classification levels in support of several in-flight, critical U.S. Government programs. You will work as part of the Mission Security Engineering team, partnering closely with industrial security and information systems security engineers to design, build, and deliver cloud infrastructure, tooling, and capabilities from the ground up.

This is a hands-on individual contributor role requiring deep expertise in AWS and Azure at Impact Levels 4, 5, and 6+. You will own cloud network architecture across classification boundaries, translating complex security and mission requirements into resilient, scalable, and compliant infrastructure. If you thrive on building in ambiguous, fast-moving environments where your work directly enables national security missions, this role is for you.

This position requires an active Secret clearance to start, with the ability to obtain and maintain a TS/SCI.

• →Architect and build AWS and Azure cloud networks from the ground up across multiple classification levels, including IL-4, IL-5, and IL-6+ environments
• →Design and implement multi-cloud infrastructure spanning multiple platforms, classification domains, and program requirements
• →Partner with industrial security and information systems security engineers and engineering teams to ensure cloud infrastructure meets program security requirements and compliance standards
• →Build and maintain cloud infrastructure, tooling, and capabilities in direct support of multiple in-flight, critical USG programs
• →Design and implement cloud network architectures including VPCs, VNets, transit gateways, peering configurations, routing, and boundary protection controls
• →Implement and maintain identity and access management (IAM) frameworks, service account architectures, and least-privilege access models across cloud environments
• →Support cloud Provisional Authorization (PA) processes and inherited control models for classified cloud environments
• →Document cloud architectures, configurations, and security controls to support achievement and maintenance of Authorization to Operate (ATO)
• →Identify and remediate findings from STIGs, vulnerability scans, and SCA activities to maintain ATO posture across cloud platforms
• →Ensure compliance with NIST 800-53, CNSSI 1253, ICD 503, JSIG, and other applicable frameworks for National Security Systems (NSS) handling classified information up to TS/SCI
• →Stay current on emerging cloud security capabilities and advocate for their adoption across program environments

• 10+ years of hands-on experience in cloud engineering or infrastructure, with significant experience architecting and operating AWS and Azure environments at scale
• Active Secret clearance required; must be able to obtain and maintain TS/SCI
• DoD 8140 IAT Level III certification (CASP+, CISSP, CISA, or equivalent) required
• Proven experience designing and deploying cloud infrastructure at IL-4, IL-5, and/or IL-6+ impact levels
• Deep expertise architecting AWS and Azure networks from the ground up, including VPCs, VNets, transit gateways, routing, DNS, and boundary protection
• Experience managing multi-cloud environments across multiple platforms and classification domains simultaneously
• Strong working knowledge of cloud security controls, shared responsibility models, and control inheritance within DoD classified cloud environments
• Experience supporting RMF processes, ATO activities, and compliance with NIST 800-53 and applicable NSS frameworks
• Ability to collaborate effectively with industrial security, ISSEs, and cross-functional engineering teams to translate security requirements into infrastructure solutions
• Strong documentation skills, with experience producing architecture diagrams, SSPs, and other artifacts required for government program compliance
• Bachelor's degree in Computer Science, Cybersecurity, Engineering, or related field (or equivalent experience)

• Active TS/SCI clearance with polygraph
• AWS and/or Azure government cloud certifications (e.g., AWS GovCloud, Azure Government)
• Experience supporting multiple simultaneous DoD or IC programs with varying security requirements
• Familiarity with DevSecOps practices, Infrastructure as Code (IaC), and CI/CD pipeline security
• Experience with Cross Domain Solutions (CDS), data guards, or other information flow control technologies
• Familiarity with zero trust architectures and modern identity solutions applied to classified environments
• Experience with FedRAMP High, CMMC, or DoD IL-5/IL-6 authorizations