Cloud Platform Administrator - EDP

About The Position

Requirements

• Bachelor’s degree in Computer Science, Business Administration, Mathematics, Engineering, or a related field; or equivalent practical experience.
• Minimum of 5 years of experience in integration, systems analysis, or programming within cloud environments.
• Minimum of 5 years of experience developing systems requirements and design specifications.
• At least seven years of demonstrated experience developing software across full Software Development Lifecycles (SDLCs), including DevOps, Agile, Lean, Iterative, and Waterfall methodologies.
• Experience designing, deploying, and migrating secure and maintainable systems across Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) environments.
• Experience implementing DevOps practices, CI/CD pipelines, containers, and related cloud deployment best practices.
• Experience working with Amazon Web Services (AWS), Microsoft Azure, or ServiceNow.
• At least 3 years of experience building AWS infrastructure using Terraform and developing CI/CD pipelines, preferably using Azure DevOps or GitLab.
• Strong AWS expertise, including IAM roles and policies, object storage security patterns, VPC networking fundamentals, and logging/monitoring integrations.
• Hands-on experience with AWS security and networking services, including PrivateLink, Secrets Manager and Systems Manager integrations, CloudWatch/CloudTrail, S3 bucket policies, cross-account access patterns, and KMS encryption key management.
• Proficiency in Identity and Access Management concepts, including SSO, SCIM provisioning, group-based RBAC, service principals, and least-privilege design.
• Strong understanding of security fundamentals, including secrets management, secure connectivity, audit logging, access monitoring, and evidence-ready operations.
• Understanding of cloud federation technologies such as SAML, OAuth, and OpenID Connect for enterprise and public-facing systems.
• Familiarity with government cloud compliance frameworks such as FedRAMP and FISMA.
• Strong automation skills using Infrastructure as Code (IaC), including Terraform, CLI tools, and REST APIs to enable repeatable configuration and environment promotion.
• Proficiency in at least one high-level programming language such as Python, Ruby, or Go.
• Experience transitioning legacy systems to cloud-ready architectures.
• Understanding of cloud-based architectures, including web/application servers, caching, load balancers, and storage services.
• Experience with networking fundamentals, including route tables, access control lists, firewalls, NAT, HTTP, DNS, IP, and the OSI model.
• Familiarity with stateless system design and cloud-ready application best practices.
• Ability to evaluate new technologies for alignment with current infrastructure architecture.
• Strong troubleshooting and problem-solving skills with clear communication during incidents and change activities.

Responsibilities

• Develop and maintain platform monitoring and alerting capabilities, operational dashboards, and system health checks; manage and update runbooks and operational procedures.
• Provision, configure, and administer AWS GovCloud infrastructure components supporting EDP environments, including networking, compute, storage, IAM, and logging/monitoring services.
• Establish and sustain standardized “secure-by-default” configurations in alignment with agency security requirements, including baseline hardening, patch coordination, and configuration management.
• Manage and support cloud services for data and analytics platforms, including storage integrations, encryption/KMS implementations, secure service endpoints, and VPC architectures.
• Oversee operational monitoring and alerting, system health checks, runbooks, and incident response activities in collaboration with platform and security teams.
• Administer change management processes for system upgrades, feature deployments, configuration updates, and integration modifications; document impact assessments and rollback strategies.
• Implement and maintain audit logging and access/event visibility controls; support security assessments and evidence requests.
• Configure and manage logging and audit mechanisms (e.g., CloudTrail/CloudWatch patterns) and assist with evidence collection for security and compliance initiatives.
• Partner with network and security stakeholders to implement secure networking architectures, including private connectivity, egress restrictions, and firewall/proxy controls.
• Design, deploy, and manage POC environments (isolated accounts/VPCs as applicable), ensuring repeatability, cost management, and proper decommissioning.
• Collaborate with cloud and network teams to enforce secure connectivity standards and guardrails, including private connectivity models, egress controls, and firewall/proxy requirements.
• Establish and enforce cost governance measures, including cluster policies, auto-termination settings, scheduling controls, workload sizing standards, and capacity planning practices.
• Analyze usage and cost data to provide optimization recommendations and mitigate waste drivers such as idle compute resources, oversized clusters, and inefficient jobs.
• Automate platform administration and configuration through APIs, CLI tools, and Infrastructure as Code (e.g., Terraform) to minimize manual drift and enhance consistency.
• Maintain comprehensive platform documentation, including configuration baselines, security and governance standards, onboarding materials, and troubleshooting guides.
• Oversee third-party integrations and ecosystem connectivity, including BI tool integrations (e.g., Power BI) and external metadata catalog connections.
• Perform capacity planning and scalability assessments, forecasting concurrent user and workload growth, defining scaling strategies, and proactively allocating resources during peak demand.
• Support user onboarding and enablement efforts, including onboarding processes for new users and teams, training coordination, workspace access provisioning, and development of self-service documentation and guides.