IaC Engineer SME
About the role
The IaC Engineer SME is a senior technical lead for infrastructure automation and Infrastructure-as-Code (IaC) engineering within the WDP Core Integration program. This role is critical to the success of the WDP, which accelerates the deployment of AI on the battlefield across various DoW cloud programs.
Responsibilities
- Develops enterprise infrastructure solutions using Infrastructure as Code methodologies to support Department of War mission systems, cross-domain cloud environments, and production-grade operational platforms.
- Designs and implements automated cloud architectures using Terraform, Ansible, and CloudFormation to support system administration, deployment automation, cybersecurity controls, and CI/CD pipeline integration across multiple operational enclaves.
- Buils secure configuration baselines aligned with approved system operations plans, asset management standards, and cyber incident response procedures.
- Develops and maintains automation for patch management workflows, backup, recovery, and disaster recovery workflows, and release progression from development through production.
- Collaborates with operational units, cybersecurity elements, and development teams to align automation with mission priorities, continuity of operations requirements, and compliance mandates.
- Led development of enterprise templates, code repositories, and automated enforcement of security configurations using version control systems such as Git and GitHub.
- Produces architectural diagrams, automation documentation, rollback plans, and deployment artifacts supporting traceability, audit readiness, and Government review.
- Provides technical direction, guides junior personnel, evaluates system performance metrics, and drives continuous improvement of automated cloud operations.
- Contributes to operational readiness by integrating automation into incident response processes and system monitoring workflows, supporting rapid resolution of system degradations, configuration drift, and mission-impacting anomalies.
- Delivers advanced automation capabilities that increase deployment predictability, reduce operational risk, and support efficient operation of Department of War cloud infrastructures.
Requirements
- Current Secret security clearance with the ability to obtain and maintain a Top Secret (TS) security clearance with Sensitive Compartmented Information (SCI).
- 12 or more years of progressively responsible experience in cloud infrastructure engineering, DevSecOps automation, or a closely related field, with demonstrated expert-level proficiency designing and managing IaC and Configuration-as-Code frameworks in support of DoW or federal government programs operating across multiple security enclaves.
- Expert hands-on proficiency with Infrastructure-as-Code and configuration management tooling such as Terraform, Ansible, and CloudFormation, including experience supporting secure federal or defense cloud environments and implementing automation aligned to RMF, STIG, and authorization requirements.
- Demonstrated experience integrating IaC automation into CI/CD DevSecOps pipelines, including automated security baseline enforcement, STIG compliance validation, patch lifecycle management, and configuration drift detection across multi-enclave production environments.
- Proven ability to develop and maintain version-controlled enterprise code repositories using Git or GitHub, produce authoritative technical documentation and rollback plans, and lead automation initiatives that support release management, audit readiness, and continuity of operations for DoW mission platforms.
- Strong problem-solving and decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate solution.
- Highly developed interpersonal and oral/written communication skills, with the ability to effectively and professionally interact with a diverse set of stakeholders (from peers to end-users to executive management).
Qualifications
- Bachelor's or Master's degree in Computer Science, Systems Engineering, Information Technology, Cloud Computing, or a closely related technical field.
Skills
- Active Top Secret (TS) security clearance with Sensitive Compartmented Information (SCI) eligibility.
- AWS DevOps Engineer (Professional), HashiCorp Certified Terraform Associate or Professional, Red Hat Certified Engineer (RHCE), or an equivalent advanced cloud automation or infrastructure engineering certification.
- A DoW 8140/8570-compliant credential such as CompTIA Security+ or CISSP is also highly valued.
- Prior experience supporting IaC engineering operations on DoW, intelligence community, or defense AI/ML programs, including familiarity with automated provisioning of Kubernetes-based workloads, container security hardening, and Kubernetes-based workloads, container security hardening, and multi-environment cloud platform operations supporting classified and unclassified workloads.
- Experience with observability and monitoring integration for IaC-managed infrastructure using tools such as Splunk, CloudWatch, CloudTrail, or Grafana, including automated alerting, performance trending, and incident correlation workflows.
Benefits
ECS Federal LLC offers a comprehensive benefits package including health insurance, retirement plans, paid time off, and professional development opportunities. We are committed to fostering a diverse and inclusive workplace where all employees feel valued and empowered to reach their full potential.
Pay
Compensation is competitive and commensurate with experience and qualifications. Please note that the actual salary range may vary based on factors such as location, experience, and qualifications.
Schedule
The schedule for this position is typically full-time, with occasional evening and weekend work required to meet project deadlines. Remote work is possible for certain positions, subject to approval and availability of necessary resources.