Defense Engineering Inc. (DEi) is seeking a Senior Microsoft Azure Cloud Engineer to support our long-term contract located at the Defense Threat Reduction Agency (DTRA) at Fort Belvoir, VA.
The I3TS program provides enterprise-wide IT support to enable DTRA’s Information Management & Technology Directorate (ITD) to consolidate, modernize, and continuously innovate the delivery of IT services and mission capabilities to DTRA’s internal and external mission partners operating in CONUS and OCONUS locations.
DEi is a leading small IT business leader in the Washington D.C. Metropolitan Area. DEi combines experience and innovative ideas to provide our clients with the right solution with the right people at the right time. We are a proven IT services and solutions provider for full-life-lifecycle engineering of network, storage, cyber security, communication and policy compliance needs. We focus on delivering IT solutions to meet complex technological and business challenges within mission-critical enterprises.
In addition to the traditional full-time employee benefits package (health, dental, vision, 401K, life insurance, short-term and long-term disability plans, vacation time and holidays, DEi also offers Education and professional Certification Reimbursement, and Gym Membership reimbursement benefits.
Job Category: Information Technology – Senior Cloud Systems Engineer
Salary: Negotiable
Location: Fort Belvoir, VA US
Clearance Level Must Currently Possess:
Top Secret / SCI
US Citizenship
Certifications (Baseline)
- 8570 Baseline Active IAT Level II (Minimum of one)
- Security+ CE
- CySA+
- GICSP
- GSEC
- SSCP
Certifications (Active Computing Environment (ACE)
- None
Additional Certs a Plus
Education / Experience: Bachelor’s degree in Computer Science, Information Systems, or related technical field (experience may be considered in lieu of degree) with 5+ years of experience designing and implementing AWS-based solutions in enterprise or government environments
Schedule: Full-time
Potential for Teleworking: 10%
Travel: 10%
Shift: Day Job
Job Description
This Senior Azure Cloud Engineer role is a key position on a highly skilled technical team responsible for designing, deploying, and maintaining secure, scalable, and compliant hybrid- and multi-cloud architectures for the Defense Threat Reduction Agency (DTRA). This position requires deep, hands-on expertise in Microsoft Azure networking, identity and access management with Microsoft Entra ID, and hybrid-cloud management using Azure Arc. The selected candidate will design and implement Zero Trust-aligned, IL4/IL5-accredited solutions integrating Azure, AWS, and on-premises systems in accordance with DoD cybersecurity requirements.
Primary Responsibilities:
- Design, implement, and manage core Azure networking services including Virtual Networks (VNets), subnets, Network Security Groups (NSGs), and Azure Firewall.• Configure and maintain hybrid connectivity using Azure VPN Gateway and ExpressRoute.• Implement and manage Azure load balancing solutions such as Application Gateway and Load Balancer.• Diagnose and resolve complex network connectivity and performance issues using Azure Monitor and Network Watcher.
- Architect and manage Microsoft Entra ID, including user and group lifecycle, and role-based access control (RBAC).• Design and enforce security policies using Conditional Access, Multi-Factor Authentication (MFA), and Identity Protection.• Implement and manage Privileged Identity Management (PIM) for just-in-time access to critical resources.• Manage synchronization and federation between on-premises Active Directory and Entra ID.
- Utilize Azure Arc to extend Azure management and governance to on-premises servers and other cloud environments.• Onboard non-Azure resources into Azure Lighthouse and apply Azure Policy for consistent security and compliance.• Deploy and manage Azure services (e.g., Azure SQL, App Services) on hybrid infrastructure using Azure Arc.
- Develop and maintain automation scripts using PowerShell to provision, configure, and manage Azure resources.• Author and manage JSON-based Azure Resource Manager (ARM) and Bicep templates for repeatable, declarative infrastructure deployments.• Prove proactive mitigation strategies by automating responses to common system alerts and outages.
Required Qualifications
The applicant will have:
- Active Microsoft Certified: Azure Solutions Architect Expert certification (or equivalent).
- Active DoD Top Secret clearance with SCI Eligibility
- DoD 8570 IAT Level II certification
- Bachelor’s degree in Computer Science, Information Systems, or related technical field (experience may be considered in lieu of degree).
- 5+ years of experience designing and implementing Azure-based solutions in enterprise or government environments.
- Proven expertise in Microsoft Entra ID / Azure AD, Azure RBAC, and Conditional Access.
- Experience with multi-cloud identity integration (Azure + AWS or GCP).
- Strong understanding of federated identity, SAML/OIDC protocols, and cross-cloud authentication mechanisms.
- Familiarity with Azure Government (DoD), FedRAMP, and DISA STIG compliance frameworks.
- Hands-on experience with Terraform, Bicep, Azure CLI, and CI/CD automation.Excellent written and verbal communication skills with the ability to brief technical concepts to leadership and stakeholders.
- Must be able to work as part of a team to troubleshoot and resolve complex issues.
- Excellent written and verbal communication skills. This shall include drafting SOPs and technical documentation as well as communication with senior program and customer leadership.
- Must be able to present designs and plans to technical leadership personnel and boards for approvals.
Desired Qualifications
- Experience in Zero Trust Architecture (ZTA) deployment within DoD or federal cloud programs.
- Deep familiarity with Azure Government, Azure Lighthouse, and Azure Arc for multi-tenant management.
- Familiarity with Kubernetes (EKS/AKS) and container security in classified or restricted networks.
- Advanced certifications such as CISSP, CCSP, or AWS Advanced Security Specialty.
- Prior experience supporting DoD or Intelligence Community (IC) programs.
- Experience providing technical leadership and oversight of teams of junior, intermediate, and senior Engineers.
To apply for this job email your details to jobs@dei.net