Senior Cloud Engineer
Job description
The Senior Cloud Engineer owns Aptima's cloud environments across AWS (primary) and Azure, ensuring they are secure, compliant with NIST SP 800-171, and built to support mission-critical operations. This includes deploying AI/ML model infrastructure as the IS engineer responsible for the environments those workloads run on and owning the federated identity architecture that connects cloud and on-premises systems. The role partners closely with Technical Operations and Cybersecurity teams, and provides local infrastructure support where needed.
- Cloud Environment Ownership: Create, maintain, and secure cloud resources across AWS and Azure. Advise on and implement cloud best practices across compute, storage, networking, and managed services. Support physical and virtual Windows and Linux systems where applicable.
- Infrastructure-as-Code: Architect and maintain IaC frameworks using Terraform and Ansible. Define module standards, enforce code review practices, and drive GitOps adoption using Git and GitHub.
- CI/CD & DevOps Partnership: Design and optimize CI/CD pipelines (GitHub Actions, Azure DevOps). Serve as the IS technical lead in the DevOps partnership with Platform and Development teams.
- AI Model Infrastructure: Deploy, secure, and maintain cloud infrastructure supporting AI/ML workloads on AWS (SageMaker, EC2) and Azure (Azure ML, Azure OpenAI Service). Own the compute, storage, networking, and access controls these workloads require, in coordination with Platform and Development teams who own the models.
- Federated Identity Management: Own and administer Aptima's federated identity architecture. Configure and maintain Okta, Keycloak, and Microsoft Entra ID; implement SSO, SAML, OAuth 2.0, and OIDC integrations across cloud and on-premises systems. Enforce least privilege and zero-trust identity principles aligned with NIST requirements.
- Cloud Security & Compliance: Administer cloud environments in alignment with NIST SP 800-171 for CUI environments. Lead security reviews, manage IAM governance, and remediate vulnerability assessment findings.
- High-Availability Services & Containers: Deploy and operate highly available services and databases. Administer containerized environments using Docker and Kubernetes.
- AWS API/CLI & Automation: Use the AWS API and CLI for automation, scripting, and environment management. Build tooling that reduces manual toil and improves operational consistency.
- FinOps & Observability: Own cloud cost governance including tagging standards, budget alerting, and rightsizing. Maintain observability frameworks covering log aggregation, distributed tracing, and alerting.
- Mentorship & Technical Advisory: Mentor through code reviews and architecture walkthroughs. Advise IS staff and management within your area of expertise; lead IS projects and provide training as needed.
Requirements
- Deep AWS expertise (primary); working Azure proficiency. Fluent with the AWS API and CLI.
- IaC framework ownership using Terraform and Ansible; Git and GitHub required.
- CI/CD design experience (GitHub Actions, Azure DevOps, or equivalent).
- AI/ML infrastructure: AWS SageMaker, EC2 GPU, S3 data pipelines; Azure ML or Azure OpenAI Service.
- Federated identity: Okta, Keycloak, and/or Microsoft Entra ID; SSO, SAML, OAuth 2.0, OIDC.
- Cloud security: IAM design, NIST SP 800-171, CSPM tooling, secrets management.
- Docker and Kubernetes; highly available service deployment including ELK stack.
- Windows and Linux system administration.
- Scripting proficiency in Python, Bash, or PowerShell.
- Strong problem-solving and communication skills; effective independently and in a small team.
- Demonstrated mentorship ability and experience leading IS projects.
- Citizenship & Clearance: U.S. Citizenship or the ability to obtain a U.S. Security Clearance is required.
- Education: Bachelor's degree in Computer Science, Information Technology, or a related field, or equivalent. Equivalent combinations of education and experience will be considered.
- Experience: Bachelor's Degree plus 3+ years of relevant cloud engineering experience, including 3+ years hands-on in AWS. Azure experience is a strong plus.
- Certifications: AWS certifications strongly preferred (Solutions Architect, SysOps, or equivalent). Terraform Associate, CKA/CKAD, Okta Certified Administrator, and AWS ML Specialty or Azure AI Engineer Associate are all a plus.
- Additional: Some travel may be required.