**Req ID:** RQ219729

**Type of Requisition:** Regular

**Clearance Level Must Be Able to Obtain:** Secret

**Public Trust/Other Required:** None

**Job Family:** IT Infrastructure and Operations

**Skills:**

Cloud Architectures,Cloud Based Services,Identity Access Management (IAM),Information Technology (IT) Systems,Security Compliance

**Experience:**

10 + years of related experience

**US Citizenship Required:**

Yes

**Job Description:**

**Senior Cloud Architect**

**Overview / Your Impact**

AETC recruits, trains, and educates Airmen to deliver 21st‑century airpower. AWAKEN is AETC’s enterprise‑managed, accredited wireless and network service spanning flight lines, classrooms, dorms, and administrative facilities across the U.S. **As Senior Cloud Architect, you are the technical lead driving AWAKEN’s transformation to a cloud‑native, software‑defined, Zero‑Trust enterprise—enhancing performance and cybersecurity for mission training at scale.**

You will **design, implement, and enforce secure cloud and hybrid architectures** , integrating identity, visibility, and continuous monitoring to protect mission systems and enterprise infrastructure. You’ll partner with government stakeholders to align solutions with DoD/USAF requirements and ensure reliable, end‑to‑end connectivity for mission users.

**Responsibilities**

**Architecture & Design**

+ **Architect end‑to‑end cloud‑native, software‑defined solutions** that meet AETC’s performance, scalability, and user‑experience objectives; lead the enterprise evolution to **Zero‑Trust** architectures.

+ **Design and implement secure hybrid environments** (public cloud + on‑prem), including cloud networking, segmentation, service‑to‑service security, and federation models.

+ **Engineer Identity and Access Management (IAM)** with role‑based access controls (RBAC), least privilege, and single‑/multi‑domain federation.

+ **Secure Kubernetes platforms and container runtimes** (network segmentation, RBAC, workload isolation) and guide standards for virtualized environments.

+ **Develop Infrastructure‑as‑Code (IaC) security baselines** to enable repeatable, compliant deployments.

+ **Lead technical options, costed alternatives, and future‑state roadmaps** aligned to mission priorities and budget.

**Security & Compliance**

+ **Implement RMF‑aligned controls** ; produce/maintain ATO artifacts; support continuous monitoring strategy and control assessments with ISSM/ISSO/SCV.

+ **Enforce DISA STIG/SRG configurations** across Linux/Windows systems, cloud services, VMs, and Kubernetes clusters; maintain timely patching and flaw remediation.

+ **Enable ACAS/Nessus vulnerability scanning** , report results, remediate findings, and sustain POA&Ms in coordination with Government cybersecurity leads.

+ **Implement web content filtering and traffic prioritization** consistent with DoD/USAF policy and AWAKEN rules of behavior.

+ **Map technical controls** to NIST SP 800‑53, DISA STIGs, and (as applicable) CMMC requirements; maintain secure logging, audit trails, and evidence packages.

+ **Support incident response** in cloud environments (log analysis, containment, recovery) and contribute to the Government’s cyber incident reporting processes.

**Engineering, Testing & Delivery**

+ **Operate in a pre‑deployment test/lab environment** , perform MBSE‑driven validation, and deliver successful test results prior to production rollout.

+ **Troubleshoot complex enterprise connectivity issues** impacting performance or user experience; provide Tier‑3 engineering guidance to operations teams.

+ **Optimize network and cloud configurations** for resilience, availability, latency, jitter, and QoS in line with AWAKEN KPIs/SLAs.

**Collaboration & Governance**

+ **Engage the COR and AWAKEN Government Technical Leads** as a trusted advisor; communicate clearly across diverse technical backgrounds.

+ **Partner with the Program Manager** , providing status, recommendations, and technical insight; contribute to PMRs and enterprise planning.

+ **Support Configuration Control Boards (CCBs)** by proposing changes, documenting artifacts, and sustaining the enterprise baseline.

**Location:** **:** San Antonio area; **located within 25 miles of JBSA‑Randolph, TX**

**Clearance:** Ability to obtain and maintain a Secret clearance

**Customer:** Air Education and Training Command (AETC), United States Air Force

**Required Qualifications**

+ Bachelor’s degree in Computer Science, Cybersecurity, Engineering, Information Systems, or related field (or equivalent practical experience).

+ **10+ years** of experience in enterprise IT/cloud architecture, systems engineering, or network modernization; **5+ years** leading technical efforts on large programs.

+ Hands‑on expertise with **cloud‑integrated network designs** , hybrid cloud architectures, and Zero‑Trust patterns.

+ Strong experience with **IAM/RBAC** , Kubernetes/container security, and **Linux hardening** ; working knowledge of Windows hardening.

+ Architect secure, scalable Cloud infrastructures and network connectivity.

+ Design cloud-native data platforms, pipelines, and analytics architectures.

+ Automate cloud provisioning with Terraform/ARM/Bicep; ensure consistent, FedRAMP‑compliant environments.

+ Implement RBAC, least‑privilege, encryption, and NIST‑aligned security controls.

+ Drive FinOps optimization and guide engineering teams on cloud best practices.

+ Enhance the security and administration of Spectrum IT systems operations.

+ Migrate and modernize with config-level changes.

+ Push toward Platform as a Service (PaaS) and cloud-native where possible.

+ Replatform if the application can leverage PaaS.

+ Rehost using AWS/Azure Infrastructure-as-a-Service (IaaS) if the application can’t leverage PaaS.

+ Use Microsoft Cloud Adoption Framework (CAF) and the Azure Well-Architected Framework.

+ Leverage the NTIA FSDS IL5 tenant based on the single tenant architect

+ Demonstrated ability to **enforce STIGs/SRGs** , remediate **ACAS/Nessus** findings, and produce **RMF/ATO** documentation.

+ Proficiency with **cloud‑native monitoring/logging** (e.g., CloudWatch or platform equivalents), securing service meshes, and IaC security baselines.

+ Experience with **Agile/Lean** delivery; effective communicator able to brief senior business and government stakeholders.

+ U.S. citizen; able to obtain **Secret** clearance and USAF **CAC** ; pass government background checks and fingerprinting.

+ AWS Certified Cloud Architect

**Desired Qualifications**

+ Experience with **5G** integration and enterprise Wi‑Fi architectures.

+ DoDM **8140.03‑aligned** cyber workforce qualification or willingness to obtain

+ Familiarity with AETC/USAF operational environments; prior support to USAREUR‑AF or other DoD organizations is a plus.

+ Experience with **SAFe** practices, Jira/Confluence, and ServiceNow in DoD environments.

GDIT IS YOUR PLACE

At GDIT, the mission is our purpose, and our people are at the center of everything we do.

● Growth: AI-powered career tool that identifies career steps and learning opportunities

● Support: An internal mobility team focused on helping you achieve your career goals

● Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off

● Flexibility: Full-flex work week to own your priorities at work and at home

● Community: Award-winning culture of innovation and a military-friendly workplace

The likely salary range for this position is $147,292 - $199,278. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.

We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 26,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

Join our Talent Community to stay up to date on our career opportunities and events at https://gdit.com/tc.

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans