Cloud Network Engineer (Network SME), AWS GovCloud Program

D9Tech Resources, LLC
Washington, DC

Quick Apply

Job Details

Full-time | Contract
$70 - $90 an hour
1 day ago

Qualifications

Network topology design
Secret Clearance
DoD experience
Network infrastructure
Production systems
Design engineering
IP networking
Network security appliance implementation
Amazon VPC
Cloud network integration
Virtual Private Clouds

Full Job Description

Cloud Network Engineer (Network SME), AWS GovCloud Program

Location: Arlington, VA (hybrid) Employment type: Full-time Citizenship: U.S. citizenship required Clearance: Active Secret clearance required

About the role

We are hiring a hands-on Cloud Network Engineer to own Department of Defense network connectivity into AWS GovCloud. This is a builder's role, not an oversight one. You will lead the BCAP cutover, shape route table topology across the Inspection, Egress, and Perimeter VPCs, and drive the Transit Gateway changes that bring new workload accounts online. When a design question lands on the table about Direct Connect, DXGW versus VGW, or how traffic should be inspected, you are the person in the room with the answer. If you know AWS Network Firewall down to the Suricata rule, and you have moved real DoD workloads into GovCloud, this one was written for you.

What you'll do

Own end-to-end DoD network connectivity into AWS GovCloud, from design through cutover and into steady-state operations.
Lead the BCAP cutover and manage route table topology across the Inspection, Egress, and Perimeter VPCs.
Execute the Transit Gateway changes that onboard new workload accounts into the environment.
Author and tune AWS Network Firewall policy, including Suricata rules for stateful east-west and north-south inspection.
Prepare and submit DISA SNAP packages, and coordinate NIPRNet /24 assignments.
Drive network design decisions across BCAP, Direct Connect, and Transit Gateway, including DXGW versus VGW trade-offs.
Document topology, changes, and runbooks so the environment stays auditable and supportable.

What you need

U.S. citizenship (required for this program).
Hands-on experience building and operating network connectivity in AWS GovCloud for a federal or DoD customer.
Strong AWS Network Firewall skills, including Suricata rule authoring and stateful east-west and north-south inspection. This is a must, not a nice-to-have.
Production experience with AWS Transit Gateway, multi-VPC route table design, and Direct Connect, including the DXGW versus VGW trade-offs that come with it.
Familiarity with DISA SNAP submissions and NIPRNet IP space provisioning.
Ability to work a hybrid schedule in the Arlington, VA area.

Pay: $70.00 - $90.00 per hour

Application Question(s):

Do you have an active Secret Security Clearance?
Are you a U.S. Citizen?
How many years of hands-on network engineering experience do you have?
Do you have hands-on experience building and operating network connectivity in AWS GovCloud for a federal or DoD customer?
Have you personally authored or tuned AWS Network Firewall policy, including Suricata rules for stateful inspection?
Do you have production experience with AWS Transit Gateway and multi-VPC route table design?
Can you work a hybrid schedule in the Arlington, VA area?

Work Location: Hybrid remote in Washington, DC 20301

Quick Apply

Job Seeker Tools

Employer Tools

Browse

Stay Connected