Sr Cloud Architect

Storage Strategies, Inc. (SSI) is seeking a Senior Cloud Architect in San Diego, CA to design, implement, and sustain secure, highly available cloud infrastructure. The Cloud Architect is responsible for the strategic direction and technical design of the program's cloud-native infrastructure. This position defines how the platform evolves, what emerging technologies are adopted, and how architectural decisions align with the program's security, scalability, and operational requirements. The Cloud Architect operates at the intersection of engineering, security, and program leadership, translating mission needs into defensible architectural decisions. Must have an active Secret clearance. Hybrid (onsite) work., * Design compute, security, and networking infrastructure that meets security and compliance requirements across AWS GovCloud and air gapped cloud environments

• Plan, schedule, and execute upgrades, configuration changes, and architecture enhancements for production environments and supporting services
• Research and evaluate emerging cloud-native technologies
• Produce architectural design documents
• Identifies opportunities to implement automation and infrastructure as code
• Communicate technical and cost tradeoffs to engineering, security, program leadership, and customer stakeholders; conduct regular cloud cost/utilization reviews and provide recommendations to optimize performance and cost
• Represent the program in technical reviews and cross-program coordination
• Deploy, upgrade, and maintain Kubernetes clusters (EKS Auto), including cluster configuration, authentication, authorization, and integration with AWS services including implementing admissions policies, controllers, network policies, and pod identities
• Develop, implement, and test backup procedures, data retention policies, and disaster recovery strategies for mission systems
• Promote observability across cloud infrastructure and application deployments; monitor system performance and availability, and perform incident response
• Leverage CloudWatch metrics and Log Insights to troubleshoot performance problems
• Debug and analyze performance of Linux servers
• Design VPC topologies and security boundaries and produce system and network diagrams to support engineering, security, and accreditation artifacts

• Clearance: Active DoD Secret
• Education: Bachelor's degree in computer science, Engineering, or related field, or equivalent demonstrated experience
• CompTIA Security+ (or higher DoD 8570 IAT/IASAE baseline such as CASP+, CISSP, or CCSP) (may be required at hire or obtained within a defined timeframe).
• AWS Certified Solutions Architect (Associate or Professional) or equivalent cloud certification
• 5+ years of hands-on experience in AWS cloud architecture; deep expertise across AWS computing, networking, storage, and security services. Strong experience with: VPC design, routing, security groups, NACLs, and connectivity (e.g., PrivateLink, peering, Transit Gateway). EC2, RDS, S3, EFS, EBS, ELB, Route 53, IAM, CloudWatch, GuardDuty, Lambda. Backup/restore and disaster recovery implementation for production systems.
• 3+ years of experience deploying and administering Kubernetes clusters in production environments, preferably EKS
• Experience in Linux systems administration, preferably RedHat Enterprise Linux
• Knowledge of PKI concepts to include TLS, mutual TLS, certificate chains, cipher suites, and packet capture and analysis
• Proficiency with infrastructure-as-code (IaC) and GitOps, preferably ArgoCD
• Demonstrated ability to communicate complex technical concepts to technical and non-technical audiences
• History of producing documentation that outlasts individual contributors
• Proficiency with scripting/automation tools (e.g., Python, Bash, Ansible) to automate infrastructure, maintenance, and reporting tasks, * Experience with AWS SC2S or other classified cloud environments.
• Prior NAVWAR, NIWC, Navy, or DoD program experience.
• Experience defining AMI build pipelines with Image Builder, Ansible, and STIG baselines.
• Observability tooling including Prometheus, Grafana, and OpenTelemetry
• Exposure to security frameworks such as FIPS, STIG, or FedRAMP
• Contributions to open source projects or public technical communities

190k+