What are the responsibilities and job description for the AWS GovCloud Infrastructure Engineer position at Safran?
The Opportunity:
We are seeking a Gov Cloud AWS Infrastructure Engineer to design, implement, and maintain secure and compliant AWS Gov Cloud environments. This role is responsible for ensuring FedRAMP compliance, security architecture, and cloud infrastructure reliability while supporting DevSecOps initiatives. The ideal candidate will also possess networking infrastructure knowledge and experience with government cloud security technologies.
Our Technology:
Safran Federal Systems provides Resilient Positioning, Navigation and Timing (R-PNT) solutions and custom engineering services to U.S. Government agencies, defense organizations and their contractors. Safran Federal Systems is authorized to work on the full spectrum of U.S. Government classified and unclassified projects, in addition to supporting strategic partnerships for key defense PNT technologies.
How I will Contribute:
AWS Gov Cloud Security & Infrastructure Management:
· Design, implement, and maintain AWS Gov Cloud environments with a focus on security, scalability, and high availability.
· Lead security architecture initiatives, ensuring alignment with FedRAMP, NIST 800-53, NIST 800-171/CMMC, and DoD compliance requirements.
· Implement and enforce IAM policies, access controls, encryption standards, and network segmentation to protect cloud assets.
· Automate infrastructure provisioning and compliance monitoring using Terraform, CloudFormation, or Ansible.
· Conduct cloud vulnerability assessments, incident response, and remediation strategies using AWS Security Hub, GuardDuty, and CloudTrail.
· Support migration to containerized environments, ensuring secure deployment within Kubernetes and microservices architectures.
Site Reliability & Cloud Optimization:
· Monitor system performance, availability, and scalability using AWS CloudWatch and third-party observability tools.
· Identify and mitigate performance bottlenecks while optimizing cloud resources to enhance cost efficiency.
· Develop and implement continuous integration and continuous deployment (CI/CD) pipelines for infrastructure automation.
· Support incident response and troubleshooting of cloud-based applications, ensuring minimal downtime.
· Maintain logging, monitoring, and alerting systems to proactively detect and resolve issues.
· Implement disaster recovery strategies to ensure rapid system restoration and business continuity.
Networking & FedRAMP Compliance (Secondary Skills):
· Support traditional networking infrastructure, including firewalls, VLANs, VPNs, and SD-WAN solutions.
· Implement and maintain secure AWS networking solutions (VPCs, Direct Connect, VPNs, Route 53).
· Collaborate with security and compliance teams to meet DoD STIG requirements and FedRAMP technical controls.
· Support hybrid cloud networking, ensuring integration with on-premises infrastructure and secure interconnectivity.
· Participate in security vulnerability remediation efforts, coordinating with cross-functional teams and government agencies.
· May provide technical support for desktop systems and end users, ensuring efficient issue resolution and system performance.
· Possess strong knowledge of Windows, Linux, and databases, including installation, configuration, troubleshooting, and security best practices.
What You Bring Safran and Federal Systems:
· 5 years of experience in AWS cloud infrastructure, including at least 2 years in AWS Gov Cloud.
· Strong expertise in AWS security services (IAM, KMS, Security Hub, GuardDuty, CloudTrail, WAF, Shield).
· Hands-on experience implementing FedRAMP, NIST 800-53, and DoD STIG compliance requirements.
· Proficiency in Infrastructure as Code (IaC) tools (Terraform, CloudFormation, Ansible) for automated cloud deployments.
· Experience with DevSecOps best practices, integrating security within CI/CD pipelines.
· Solid knowledge of networking principles (VPC design, VPNs, Transit Gateway, Direct Connect, firewall configurations).
· Strong scripting skills (Python, Bash, PowerShell) for automation and system management.
· Experience monitoring and maintaining cloud workloads, ensuring high availability and reliability.
· Eligibility to obtain a Top-Secret security clearance, including the successful completion of a background investigation.
· AWS Certifications (AWS Certified Security – Specialty, AWS Solutions Architect, AWS Advanced Networking).
· Experience working with federal agencies, DoD environments, or government contractors.
· Hands-on experience with Zero Trust Architecture (ZTA), SIEM tools, and Cloud Access Security Broker (CASB) solutions.
· Familiarity with containerized environments (Docker, Kubernetes, ECS, EKS) and microservices security.
· Experience with incident response, threat hunting, and forensic analysis in a cloud environment.
· The ability to communicate information and ideas so others will understand. Must be able to exchange accurate information in these situations. Ability to reason logically and make sound decisions, to consider alternative and diverse perspectives, to communicate effectively both orally and in writing, to remain poised under all circumstances, and to interact effectively with people in a positive manner that engenders confidence and trust.
· Ability to work effectively and efficiently in high stress and conflict situations.
· Ability to simultaneously address multiple complex problems.
· Ability to multitask without loss of efficiency or accuracy, including the ability to perform multiple duties from multiple sources.
· Must be able to remain in a stationary position 50% of the time
· The person in this position needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
· AWS Certifications (AWS Certified Security – Specialty, AWS Solutions Architect, AWS Advanced Networking).
· Experience working with federal agencies, DoD environments, or government contractors.
· Hands-on experience with Zero Trust Architecture (ZTA), SIEM tools, and Cloud Access Security Broker (CASB) solutions.
· Familiarity with containerized environments (Docker, Kubernetes, ECS, EKS) and microservices security.
· Experience with incident response, threat hunting, and forensic analysis in a cloud environment.
About Orolia Defense and Security
Safran Federal Systems has been awarded as a Winner of the Rochester Metro Area Top Workplaces 2024 Award.
In 2022, Safran acquired Orolia, now Safran Trusted 4D, the world leader in Resilient PNT. At the intersection of critical infrastructure and national defense, Safran Trusted 4D solutions govern and protect the integrity of systems that shape the world. In early 2019, Orolia Defense & Security spun off as a separate entity from its parent company Orolia, with the mission of providing resilient Positioning, Navigation and Timing (PNT) solutions and custom engineering services to U.S. Government agencies, U.S. Defense organizations, and their contractors.
In August of 2019, Safran Federal Systems acquired Talen-X, a U.S. company specializing in advanced GNSS (Global Navigation Satellite System) Simulation solutions and Interference, Detection, and Mitigation (IDM) technologies. Talen-X's portfolio was an ideal fit and has helped to enhance Safran FS's overall offerings. The acquisition enabled Talen-X's existing resources, operations and capabilities to be scaled and accelerated to better support the warfighter. Read the press release here.
Safran Federal Systems operates as a proxy-regulated company, Free of Foreign Ownership, Control, or Influence (FOCI). As such, Safran FS Defense & Security is approved to work on the full spectrum of U.S. Government classified and unclassified projects and is positioned to support strategic partnerships in the development of key PNT technologies for the defense market.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Please note this description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.
Salary : $130,000 - $160,000
