Senior Cloud Architect
General Dynamics Information Technology
San Antonio, United States of America
6 days ago
Role details
Contract type
Permanent contract Employment type
Full-time (> 32 hours) Working hours
Regular working hours Languages
English Experience level
Senior Compensation
$ 199KJob location
San Antonio, United States of America
Tech stack
Kubernetes Security
Microsoft Windows
Agile Methodologies
Amazon Web Services (AWS)
Systems Engineering
Confluence
JIRA
Audit Trail
Azure
Microsoft Online Services
Cloud Computing
Cloud Engineering
Configuration Management
Computer Security
Information Systems
Linux
FS Design Studio
Infrastructure as a Service (IaaS)
Identity and Access Management
Log Analysis
Network Connections
Network Planning and Design
Network Segmentation
Platform as a Service (PAAS)
Role-Based Access Control
Cloud Services
Zero Trust Network Access
Virtualization Technology
Wi-Fi Technology
Data Logging
Cloud Platform System
HybridCloud
SC Clearance
Kubernetes
Infrastructure Automation Frameworks
Information Technology
Bicep
Nessus
Cloudwatch
Terraform
ServiceNow
Vulnerability Analysis
Job description
Architecture & Design
- Architect end-to-end cloud-native, software-defined solutions that meet AETC's performance, scalability, and user-experience objectives; lead the enterprise evolution to Zero-Trust architectures.
- Design and implement secure hybrid environments (public cloud + on-prem), including cloud networking, segmentation, service-to-service security, and federation models.
- Engineer Identity and Access Management (IAM) with role-based access controls (RBAC), least privilege, and single-/multi-domain federation.
- Secure Kubernetes platforms and container runtimes (network segmentation, RBAC, workload isolation) and guide standards for virtualized environments.
- Develop Infrastructure-as-Code (IaC) security baselines to enable repeatable, compliant deployments.
- Lead technical options, costed alternatives, and future-state roadmaps aligned to mission priorities and budget.
Security & Compliance
- Implement RMF-aligned controls; produce/maintain ATO artifacts; support continuous monitoring strategy and control assessments with ISSM/ISSO/SCV.
- Enforce DISA STIG/SRG configurations across Linux/Windows systems, cloud services, VMs, and Kubernetes clusters; maintain timely patching and flaw remediation.
- Enable ACAS/Nessus vulnerability scanning, report results, remediate findings, and sustain POA&Ms in coordination with Government cybersecurity leads.
- Implement web content filtering and traffic prioritization consistent with DoW/USAF policy and AWAKEN rules of behavior.
- Map technical controls to NIST SP 800-53, DISA STIGs, and (as applicable) CMMC requirements; maintain secure logging, audit trails, and evidence packages.
- Support incident response in cloud environments (log analysis, containment, recovery) and contribute to the Government's cyber incident reporting processes.
Engineering, Testing & Delivery
- Operate in a pre-deployment test/lab environment, perform MBSE-driven validation, and deliver successful test results prior to production rollout.
- Troubleshoot complex enterprise connectivity issues impacting performance or user experience; provide Tier-3 engineering guidance to operations teams.
- Optimize network and cloud configurations for resilience, availability, latency, jitter, and QoS in line with AWAKEN KPIs/SLAs.
Collaboration & Governance
- Engage the COR and AWAKEN Government Technical Leads as a trusted advisor; communicate clearly across diverse technical backgrounds.
- Partner with the Program Manager, providing status, recommendations, and technical insight; contribute to PMRs and enterprise planning.
- Support Configuration Control Boards (CCBs) by proposing changes, documenting artifacts, and sustaining the enterprise baseline.
Requirements
Clearance: Ability to obtain and maintain a Secret clearance Customer: Air Education and Training Command (AETC), United States Air Force, * Bachelor's degree in Computer Science, Cybersecurity, Engineering, Information Systems, or related field (or equivalent practical experience).
- 10+ years of experience in enterprise IT/cloud architecture, systems engineering, or network modernization; 5+ years leading technical efforts on large programs.
- Hands-on expertise with cloud-integrated network designs, hybrid cloud architectures, and Zero-Trust patterns.
- Strong experience with IAM/RBAC, Kubernetes/container security, and Linux hardening; working knowledge of Windows hardening.
- Architect secure, scalable Cloud infrastructures and network connectivity.
- Design cloud-native data platforms, pipelines, and analytics architectures.
- Automate cloud provisioning with Terraform/ARM/Bicep; ensure consistent, FedRAMP-compliant environments.
- Implement RBAC, least-privilege, encryption, and NIST-aligned security controls.
- Drive FinOps optimization and guide engineering teams on cloud best practices.
- Enhance the security and administration of Spectrum IT systems operations.
- Migrate and modernize with config-level changes.
- Push toward Platform as a Service (PaaS) and cloud-native where possible.
- Replatform if the application can leverage PaaS.
- Rehost using AWS/Azure Infrastructure-as-a-Service (IaaS) if the application can't leverage PaaS.
- Use Microsoft Cloud Adoption Framework (CAF) and the Azure Well-Architected Framework.
- Leverage the NTIA FSDS IL5 tenant based on the single tenant architect
- Demonstrated ability to enforce STIGs/SRGs, remediate ACAS/Nessus findings, and produce RMF/ATO documentation.
- Proficiency with cloud-native monitoring/logging (e.g., CloudWatch or platform equivalents), securing service meshes, and IaC security baselines.
- Experience with Agile/Lean delivery; effective communicator able to brief senior business and government stakeholders.
- U.S. citizen; able to obtain Secret clearance and USAF CAC; pass government background checks and fingerprinting.
- AWS Certified Cloud Architect
Desired Qualifications
- Experience with 5G integration and enterprise Wi-Fi architectures.
- DoWM 8140.03-aligned cyber workforce qualification or willingness to obtain
- Familiarity with AETC/USAF operational environments; prior support to USAREUR-AF or other DoW organizations is a plus.
- Experience with SAFe practices, Jira/Confluence, and ServiceNow in DoW environments., 10 + years of related experience
- may vary based on technical training, certification(s), or degree
Benefits & conditions
(part of General Dynamics) 3.73.7 out of 5 stars San Antonio, TX $147,292 - $199,278 a year, Pulled from the full job description
- 401(k) matching
- Paid time off
- Internal mobility program, At GDIT, the mission is our purpose, and our people are at the center of everything we do.
- Growth: AI-powered career tool that identifies career steps and learning opportunities
- Support: An internal mobility team focused on helping you achieve your career goals
- Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
- Flexibility: Full-flex work week to own your priorities at work and at home
- Community: Award-winning culture of innovation and a military-friendly workplace, The likely salary range for this position is $147,292 - $199,278. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
About the company
Own your opportunity to support our nation's defense. Make an impact by connecting and securing critical operations across the globe, keeping our country safe and secure., We are GDIT. A global technology and professional services company that delivers technology solutions and mission services to every major agency across the U.S. government, defense and intelligence community. Our 26,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50+ countries worldwide, offering leading mission-ready capabilities in AI, cloud, cyber and software development.
Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc.