DL
Cloud Network Engineer, AWS GovCloud
D9Tech Resources, LLCDevOpsHybrid • Arlington, Virginia$145k-187kPosted about 20 hours ago
Job Description
We are hiring a hands-on Cloud Network Engineer to serve as our Network SME for the AWS GovCloud program. This is a builder-focused role where you will directly shape and implement the network connectivity that supports Department of Defense workloads. Our team operates in a hybrid model in the Arlington, VA area, with the role also referenced as hybrid remote in Washington, DC 20301. We offer competitive hourly compensation of $70.00 to $90.00, and this position is intended for a U.S. citizen who can maintain an active Secret clearance.
- We require U.S. citizenship and an active Secret clearance for this program.
- We need hands-on experience building and operating network connectivity in AWS GovCloud for a federal or Department of Defense customer.
- We require strong expertise with AWS Network Firewall, including authoring and tuning Suricata rules for stateful east-west and north-south inspection.
- We need production experience with AWS Transit Gateway, multi-VPC route table architecture, and Direct Connect, including DXGW versus VGW decision-making.
- We require familiarity with DISA SNAP submissions and NIPRNet IP space allocation.
- We need the ability to work a hybrid schedule in the Arlington, VA / Washington, DC area.
- We prefer candidates with prior experience supporting DoD workload migration into AWS GovCloud.
- We are looking for someone with at least several years of hands-on network engineering experience.
- We own end-to-end DoD network connectivity into AWS GovCloud, from initial design through cutover and steady-state support.
- We lead the BCAP cutover and manage route table design across the Inspection, Egress, and Perimeter VPCs.
- We execute Transit Gateway changes that onboard new workload accounts into the environment.
- We develop and refine AWS Network Firewall policy, including Suricata rules for both east-west and north-south traffic inspection.
- We prepare and submit DISA SNAP packages and coordinate NIPRNet /24 assignments.
- We guide network design choices across BCAP, Direct Connect, and Transit Gateway, including DXGW versus VGW trade-offs.
- We document topology, change activity, and operational runbooks to keep the environment auditable and supportable.
- We serve as the technical authority when questions arise about connectivity, routing, inspection, or traffic flow.
- We require U.S. citizenship and an active Secret clearance for this program.
- We need hands-on experience building and operating network connectivity in AWS GovCloud for a federal or Department of Defense customer.
- We require strong expertise with AWS Network Firewall, including authoring and tuning Suricata rules for stateful east-west and north-south inspection.
- We need production experience with AWS Transit Gateway, multi-VPC route table architecture, and Direct Connect, including DXGW versus VGW decision-making.
- We require familiarity with DISA SNAP submissions and NIPRNet IP space allocation.
- We need the ability to work a hybrid schedule in the Arlington, VA / Washington, DC area.
- We prefer candidates with prior experience supporting DoD workload migration into AWS GovCloud.
- We are looking for someone with at least several years of hands-on network engineering experience.
- We own end-to-end DoD network connectivity into AWS GovCloud, from initial design through cutover and steady-state support.
- We lead the BCAP cutover and manage route table design across the Inspection, Egress, and Perimeter VPCs.
- We execute Transit Gateway changes that onboard new workload accounts into the environment.
- We develop and refine AWS Network Firewall policy, including Suricata rules for both east-west and north-south traffic inspection.
- We prepare and submit DISA SNAP packages and coordinate NIPRNet /24 assignments.
- We guide network design choices across BCAP, Direct Connect, and Transit Gateway, including DXGW versus VGW trade-offs.
- We document topology, change activity, and operational runbooks to keep the environment auditable and supportable.
- We serve as the technical authority when questions arise about connectivity, routing, inspection, or traffic flow.
More DevOps Jobs
DevOpsSource: JobicyRemote • LATAM
about 20 hours ago
about 20 hours ago
about 20 hours ago