Amazon Web Services (AWS) Network Administrator

Description

• Responsible for network security hardening per Department of Defense (DoD) Security and Technical Implementation Guidelines (STIGs) by conducting reviews and remediation.
• Configure and maintain VPN connections, Direct Connect, and other connectivity solutions in AWS, including establishing and managing VPC peering relationships.
• Monitor, analyze, and troubleshoot traffic flow patterns to identify performance bottlenecks, optimize throughput, and maintain compliance with SCCA standards.
• Implement and enforce network security best practices in AWS environments, including firewall rules, encryption, and intrusion detection/prevention systems (IDS/IPS).
• Integrate Amazon GuardDuty and Amazon CloudWatch with Splunk for centralized log ingestion, alerting, and compliance reporting.
• Maintain logs for visibility into traffic patterns, anomalies, and troubleshooting.
• Develop and enforce routing policies in addition to network segmentation strategies that ensure efficient traffic distribution, security, and compliance.
• Collaborate with the Defense Information Systems Agency (DISA) to ensure connectivity as well as compliance between AWS GovCloud and DoD enterprise networks.
• Administer ForeScout CounterACT for Comply-to-Connect (C2C), including policy-based authentication, AWS integrations, and device compliance enforcement in alignment with DoD Zero Trust and NAC requirements.
• Design, deploy, and manage AWS networking components such as Virtual Private Clouds (VPCs), subnets, route tables, network access control lists (NACLs), and security groups to ensure proper routing including traffic flow.
• Configure and manage Out of Band Management (OOBM) for Virtual Private Clouds (VPCs) to enable separate management access.
• Configure, maintain, and monitor AWS Transit Gateways to facilitate inter-VPC communication, optimize routing paths and traffic flow supporting scalable architectures.

Requirements

• In-depth understanding of the following AWS Services: GuardDuty, Security Hub, AWS Inspector, AWS IAM Access Analyzer, AWS Detective, Cloudwatch, CloudTrail, Athena, Cloud Formation, Terraform.
• Occasional travel (1-2 weeks per year) within the Continental U.S. or to Hawaii may be required.
• Strong knowledge of Comply-to-Connect (C2C) with implementation experience within a cloud environment.
• Experience with network security technologies (firewalls, VPN, IDS/IPS, etc.) and best practices for securing cloud environments.
• In-depth understanding of AWS networking services including VPC, Elastic Compute Cloud (EC2), Elastic Load Balancer (ELB), Route 53, Transit Gateway, and CloudWatch.
• Ability to lift up to 25 pounds
• Ability to use stairs without assistance
• Proven experience as a network administrator or engineer with hands-on experience in designing and managing network infrastructure in AWS.
• Req uired: Active IAT II Certification which may include CompTIA Advanced Security Practitioner (CASP+), CompTIA Cybersecurity Analyst (CySA+), Certified Information Systems Security Professional (CISSP), or CompTIA Security+.
• Must be on-site at least three (3) days per week.
• Ability to sit for prolonged periods at a desk and working on a computer
• Strong knowledge of network protocols (TCP/IP, DNS, DHCP, BGP, etc.) and networking concepts (subnetting, routing, virtual local area networks, etc.).
• Ability to perform repetitive motions with the hands, wrists, and fingers
• Preferred: Amazon Web Services (AWS) certifications which may include AWS Certified Solutions Architect – Associate or AWS Certified Advanced Networking.
• Proficiency in scripting or programming languages (e.g., Python, PowerShell) for automation tasks.
• Ability to engage in and follow audible communications in emergency situations
• Experience supporting Zero Trust (ZT) principles, including network segmentation, identity-based access, and continuous monitoring is highly desirable.

Benefits

• Core hours: 9:00 AM – 3:00 PM local time, with a minimum 8-hour workday. Flexibility is expected to respond to after-hours emergencies and to support coordination across Hawaii and Virginia time zones.

Training + Development

Interview process

Visa Sponsorship

Security clearance