Cloud Systems Engineer

Cloud Systems Engineer

Pay: $100/hr - $110/hr

Location: Onsite – Miami, FL or Colorado Springs, CO (10% occasional travel to Hawaii)

Clearance: TS/SCI (Marathon TS)

Division: Mission Performance & Security Systems

Employer: Marathon TS

---

About

Marathon TS is seeking a Senior Cloud Systems Engineer within the Mission Performance & Security Systems Division. This role focuses on designing and managing secure cloud environments for high‑impact defense operations, including AWS GovCloud and commercial environments, network segmentation for air‑gapped and hybrid systems, cross‑domain data transfer, and ongoing compliance for workload authorization. The position directly supports space‑based national security operations.

---

Key Responsibilities

• Design, deploy, and sustain cloud environments within AWS, supporting impact levels IL2 through IL5.
• Develop secure network architectures for classified, air‑gapped, and hybrid environments—including VPC setup, cross‑account routing, and secure on‑premises connectivity.
• Implement and uphold security controls aligned with DoD compliance standards, supporting continuous authorization efforts and audit readiness.
• Engineer secure data transfer mechanisms across cross‑domain solutions and different classification zones.
• Manage identity and access frameworks—RBAC, credential management, identity federation—across multiple accounts and regions.
• Use infrastructure‑as‑code to deliver repeatable, auditable deployments in classified environments.
• Configure security monitoring, logging, and alerting infrastructure to support operational and compliance needs.
• Collaborate with cross‑domain solution engineers on integrating security labels and enforcement.
• Oversee cloud cost governance—rightsizing, reserved capacity, tagging, policy enforcement, and budget alerts.
• Create and maintain detailed architecture documentation—network diagrams, control mappings, and authorization artifacts for government review.

---

Requirements

• An active U.S. Secret clearance is required; TS/SCI clearance is preferred.
• Must be a U.S. citizen.
• AWS Certification.
• Bachelor’s degree in Computer Science, Cybersecurity, Cloud Computing, IT, or a related technical discipline (advanced degree a plus).
• 10+ years of experience designing and operating cloud infrastructure for DoD or national security projects.
• Extensive hands‑on experience with AWS, including GovCloud, multi‑account architectures, and classified workloads at IL4/IL5.
• Practical experience designing and managing cloud networking in air‑gapped, classified, or hybrid environments.
• Working knowledge of RMF, FedRAMP, CMMC, NIST SP 800‑171, and NIST SP 800‑53.
• Proven experience with infrastructure‑as‑code, IAM architecture (cross‑account roles, federation, least privilege), and compliance monitoring.
• Strong documentation skills for government review—authorization artifacts, control mappings, architecture decision records.

---

Desired Skills

• CISSP, CCSP, Security+.
• Experience with container orchestration, CI/CD pipelines, and DevSecOps in classified environments.
• Familiarity with cross‑domain solutions and secure data transfer between cloud partitions.
• Experience with MBSE and SysML v2 modeling tools.
• Experience supporting space, satellite, or missile defense programs.
• Experience with Amazon Dedicated Cloud (Client) air‑gapped regions.
• FinOps expertise—cloud spend optimization and financial governance in DoD environments.
• Experience with Azure or other DIB cloud providers; AWS Landing Zone Accelerator (LZA) for multi‑account governance.

---

Benefits

• 401(k)
• Dental insurance
• Health insurance
• Paid time off
• Vision insurance

---

Education

• Bachelor’s (Required)

---

Experience

• Architecting classified workloads within the space realm: 2 years (Required)

---

License / Certification

• TS/SCI Clearance (Required)
• AWS (Required)

---

Work Location

• In person

---

Pay

• $100.00 - $110.00 per hour

---

Marathon TS is committed to a creative, diverse, and inclusive work environment. Employment decisions are based on merit, qualifications, and abilities. Marathon TS does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age, or any other characteristic protected by law.