Cloud Engineer bei Base-2 Solutions

Job Description
Base-2 Solutions is seeking a Cloud Engineer who will design, develop, secure, and maintain cloud infrastructure and Platform-as-a-Service (PaaS) capabilities supporting the Defense Intelligence Agency’s (DIA) Cloud Development Platform (CDP). The candidate will broker and secure IaaS, PaaS, and SaaS services across multiple security domains, deployment models, and environments. This includes major cloud service providers such as AWS, Microsoft Azure, Google Cloud Platform, Oracle Cloud Infrastructure, and IBM Cloud.

The Cloud Engineer will design and maintain the DIA PaaS (DPaaS) Kubernetes container platform within the CDP, ensuring consistency, security, and scalability across classified and unclassified domains. The role involves modernizing and automating cloud environments, enabling DevSecOps adoption, and supporting Authorization to Operate (ATO) requirements under a Zero-Trust (ZT) approach.

Capabilities

• Manage Infrastructure Services activities, schedules, and risks, assisting government leads with priorities, resources, and delivery timelines.
• Maintain and update centralized work breakdown structures (WBS) detailing ongoing and upcoming CDP efforts.
• Promote consistency of cloud IaaS, PaaS, and DPaaS services across domains and environments to ensure a seamless customer experience.
• Design, document, and secure approved cloud build configurations that align with DIA cybersecurity requirements.
• Configure, maintain, and enhance approved OS images, including Red Hat Enterprise Linux (RHEL 8/9), Oracle Linux, Rocky Linux, and Microsoft Windows Server 2016/2019/2022.
• Deploy approved OS images into cloud repositories such as AWS AMIs.
• Develop automated solutions to configure, harden, and monitor IaaS compute instances (e.g., AWS EC2) against security requirements.
• Fulfill provisioning and de-provisioning requests for cloud services, including account creation, ICAM configuration, and VPC setup.
• Monitor CSP account usage, identify dormant accounts, and coordinate adjudication with CDP customers.
• Architect, develop, and modernize the DPaaS built on Red Hat OpenShift and Grey Matter service mesh, integrating with DIA enterprise services across domains.
• Extend DPaaS capabilities to CSP container platforms such as Amazon EKS and Azure AKS.
• Configure, test, and install COTS and FOSS tools critical to DPaaS operations.
• Employ Agile and DevSecOps methodologies to deliver secure infrastructure services.
• Support ATO maintenance under DIA’s RMF and Zero-Trust frameworks, providing expertise with Xacta and continuous security monitoring.
• Conduct ongoing security audits and log analysis using tools such as Splunk.
• Support backlog grooming, increment planning, and roadmap development based on HCD insights and emerging technologies.
• Provide Tier 0–3 customer support for Infrastructure Services, including patching, monitoring, backup/restore, and emergency releases.