Cloud SME

Seize your opportunity to make a personal impact as an Information Systems Security Officer supporting the Case Management Modernization (CMM) Program.  The CMM program is an initiative to support the Administrative Office of the US Courts (AO) in developing a modern cloud-based solution to support all 204+ federal courts across the United States.

GDIT is your place to make meaningful contributions to challenging projects and grow a rewarding career. The Cloud Subject Matter Expert will work as part of the CMM Enterprise Data Warehouse (EDW) team to deploy a secured cloud-native EDW platform and support the statutory and operational reporting, data cataloging, and other analytical objectives.

RESPONSIBILITIES:

• Subject matter expert in cloud architectural engineering with a demonstrated competency and experience with cloud-based, hybrid cloud and multi-cloud architecture designing, constructing, securing and operating workloads, data warehouses, data engineering solutions built in multiple cloud computing platforms.
• Responsible for applying business improvement and reengineering principles to organizational development and process modernization projects.
• Able to quickly identify client issues and likely solutions and approaches.
• Develop, implement, and maintain cloud governance policies for security, risk, access, operations, and compliance, ensuring alignment with business objectives, auditability, automation, and regulatory requirements that will be identified at the appropriate time.
• Facilitate regular policy reviews and updates to address emerging threats, technology changes, and lessons learned.
• Define and implement data protection rules, access controls, encryption standards, and automated incident response procedures for all cloud resources and data flows.
• Establish and enforce granular Identity and Access Management (IAM) policies, including least-privilege access, segregation of duties, and automated provisioning/deprovisioning.
• Conduct periodic access reviews, create reports and make recommendations for rectification for any issues identified / detected.
• Deploy and manage centralized logging, dashboards, and reporting for real-time visibility into cloud usage, security events, and compliance tracking and status and operational metrics. Provide actionable recommendations for cost savings, enforce budget limits, and support detailed verification as/when required.
• Define, document, and automate operational procedures for monitoring, patching, configuration management and incident response to ensure consistent and reliable cloud service management.
• Leverage Infrastructure as Code (IaC) and Policy as Code (PaC) for repeatable and auditable operations.
• Ensure integration with enterprise System Incident and Event Management (SIEM) and monitoring solutions and support customizable reporting for different stakeholder needs.
• Conduct regular automated and manual audits, track remediation actions, and maintain evidence for compliance and audit purposes.
• Continuously monitor, analyze, and optimize cloud usage, spend, and resources. Detect and remediate orphaned, underutilized/overprovisioned resources through automation, and provide actionable recommendations and automated execution where possible.
• Implement automated tagging and resource classification, to enable granular tracking and reporting.
• Provide automated near real time financial and operational reporting, including trend analysis, forecasting and cost estimation of workloads.
• Review all cost drivers and accounts to create Total Cost of Ownership (TCO) analysis for optimization of cloud costs.
• Provide TCO analyses and support scenario modeling for future growth and optimization.
• Provide capabilities to validate accurate billing and payment.
• Manage FinOps tool(s) configuration of users, dashboards and reports.
• Configure alerts and actions to mitigate anomalous cloud usage events.
• Provide budget and usage reports or access to dashboards that provide current budget, percentage of budget consumed, and potential optimization opportunities for use within the Cloud Governance framework.
• Architect, design, and implement scalable, secure, and resilient cloud environments by provisioning and configuring environments, integrating tools, components, and establishing automation to support application deployment, operational efficiency, and compliance to meet the business requirements
• Support the build, integration, and ongoing performance of the cloud infrastructure platform.
• Provide full lifecycle cloud engineering and operations support services related to Infrastructure as a Service (IaaS) and Platform as a Service (PaaS).
• Create and maintain detailed architecture design documents.
• Support multiple environments (dev, test, stage, pre-production, training, production, etc.).
• Continuously assess and recommend improvements to cloud architecture, leveraging emerging technologies (e.g., event-driven architectures, containers, serverless, functions, AI/ML services) to enhance platform capabilities and developer productivity.

REQUIRED EXPERIENCE & QUALIFICATIONS:

• MA/MS degree with 12+ years of general experience in information systems.

• 10+ years of specialized experience in cloud engineering.
• Experience may be considered in lieu of degree as follows: HS (18+ years), AA/AS (16+ years), BA/BS (14+ years), Doctorate Degree/Ph.D. (11+ years).
• Preferred to have an architect certification from at least one of the cloud service providers (CSPs), preferably AWS.
• Has working understanding of multiple CSPs.