Key skills
AnsibleAWSCloudEC2PythonTerraformBashAIMLS3IAMGlueSageMaker
About this role
Role Overview
- Build the cloud where the magic lives.** **Design, deploy, and operate secure, scalable AWS environments (EC2, VPC, IAM, S3, Aurora, and Neptune) that keep our systems fast and our data exactly where it belongs, supporting CMS as it merges systems into one AI-driven platform.
- Respect the pillars.** **Build to the AWS Well-Architected Framework, balancing performance, reliability, security, and cost like they actually matter (because they do).
- Give AI a home.** **Stand up the cloud environment for AI, hosting open-source LLMs and ML workloads (think SageMaker, Glue, DataBrew) entirely within CMS’s AWS account, so sensitive data never wanders off.
- Keep the lights on.** **Implement high availability, disaster recovery, and COOP continuity so we hit our SLAs even on a genuinely bad day.
- Make security non-negotiable.** **Wire up AWS Security Hub, Config, and Audit Manager to keep us continuously compliant inside a FISMA Moderate boundary aligned to RMF, ARS, and IS2P2.
- Run a tidy multi-tenant house.** **Build isolated, segregated, quota-managed spaces where different teams can experiment with AI without elbowing each other.
- Be the bouncer.** **Design least-privilege IAM and role-based access controls, then keep them honest with regular access reviews and audits.
- Make it observable.** **Set baselines, configure monitoring and alerting, and turn system health into something the whole team can actually see, ideally before a user files a ticket.
- Chase the waste.** **Model cloud costs, hunt down savings with tools like AWS Trusted Advisor, and help keep our AI workspace financially sane.
Requirements
- 3-5 years of hands-on AWS experience.** **You’ve built and run real environments, not just collected exam badges (though we like those too).
- Solid comfort with core AWS services:** **compute, networking (VPC), IAM, storage, and managed databases.
- A security-first reflex** **and familiarity with cloud-native security and compliance tooling (Security Hub, Config, Audit Manager, or similar).
- Automation instincts.** **Python, Bash, and a genuine fondness for Infrastructure as Code (Terraform, Ansible), because clicking around the console doesn’t scale.
- An eye for cost optimization.** **You know the cheapest architecture and the best architecture are usually closer than people think.
- All the curiosity.** **You’d rather understand why something broke than just restart it and hope.
- A sense of humor and a calm head.** **When something’s on fire at 2 a.m., you’re the person everyone’s relieved is on the call.
Tech Stack
- Ansible
- AWS
- Cloud
- EC2
- Python
- Terraform
Benefits
- Medical, dental, vision insurance (fully paid for employees)
- 15 days of paid leave
- 7 days of sick leave
- 2 days bereavement leave
- 11 paid Federal holidays
- Up to 40 hours for jury duty
- 401K with 4% employer contribution (and no vesting period)
- Up to 4 weeks of paid paternity and maternity leave
- Company provided laptop
- $5,000 per year for professional development
- $600 per year for technical supplies and equipment
- $2,000 referral bonus
- Life and disability insurance
- HSA and FSA
- Legal Shield and ID Shield Voluntary Benefits
- Opportunity to work in a collaborative, motivated team focused on modernizing government services with cutting-edge technology and innovative solutions. Who says government work can't be exciting!