AWS Cloud Network Administrator (DoD / GovCloud)

OverviewNakupuna Companies is seeking a motivated AWS Network Administrator to design, deploy, and operate secure, highly available cloud network environments supporting mission-critical workloads. This role focuses on building and optimizing connectivity from enterprise Cloud Access Points (CAPs) into the AWS Secure Cloud Computing Architecture (SCCA), leveraging core AWS networking services to improve performance, resiliency, and security. You'll work hands-on with modern cloud networking while collaborating with network, systems, cybersecurity, and application teams to support business needs and advance AWS networking best practices.ResponsibilitiesDesign, operate, and continuously improve AWS network architectures using VPCs, subnets, routing, and traffic controls that emphasize availability, predictable performance, and scalability Configure and maintain VPN connections, Direct Connect, and other connectivity solutions within AWS, including establishing and managing VPC peering relationshipsOperate and enhance AWS Transit Gateway architectures to simplify routing, reduce operational complexity, and support future growthApply routing and segmentation strategies that improve fault isolation and support secure scalingMonitor, analyze, and troubleshoot traffic flow patterns to identify performance bottlenecks, optimize throughput, and maintain compliance with SCCA standardsNetwork Security and Compliance:Implement AWS network security controls aligned with defense-in-depth and least-privilege principlesSupport DoD STIG reviews and remediation activities to ensure environments remain secure by design and compliant by defaultIntegrate AWS security and observability services such as GuardDuty and CloudWatch for centralized monitoring, alerting, and incident responseMaintain meaningful logs and telemetry to support investigations, audits, and operational insightAdditional Network Services:Collaborate with senior engineers and DISA to enable secure, compliant connectivity between AWS GovCloud and DoD enterprise networksConfigure and maintain Out-of-Band Management (OOBM) to ensure environments remain operable during incidents or degraded conditionsDevelop and maintain documentation including Standard Operating Procedures (SOPs), diagrams, and System Security Plans (SSPs)QualificationsSkills/Qualifications: Excellent technical, organizational, decision-making, analytical, writing and planning skills. Effective communicator who takes initiative and the ability to adapt to dynamic environments. In addition, the following technical skills are needed:Proven experience as a network administrator or engineer with hands-on experience in designing and managing network infrastructure in AWSStrong understanding of AWS networking services including VPC, EC2, ELB, Route 53, Transit Gateway, and CloudWatchUnderstanding of the following AWS Services: GuardDuty, Security Hub, AWS Inspector, AWS IAM Access Analyzer, AWS Detective, CloudWatch, CloudTrail, Athena, and CloudFormationUnderstanding of Terraform to automate the provisioning, configuration, and lifecycle management of AWS networking resourcesStrong knowledge of network protocols (TCP/IP, DNS, DHCP, BGP, etc.) and networking conceptsExperience securing environments using firewalls, VPNs, IDS/IPS, and related technologiesProficiency in scripting or programming languages (e.g., Python, PowerShell) for automation tasksEducation/Experience: Bachelor's degree in a technical major from an accredited institution as well as a minimum of three years of relevant professional experience. Equivalent years of related work or military experience in lieu of degree will also be considered.Certification:Required: Active IAT II Certification which may include CompTIA Advanced Security Practitioner (CASP+), CompTIA Cybersecurity Analyst (CySA+), Certified Information Systems Security Professional (CISSP), or CompTIA Security+.Preferred: Amazon Web Services (AWS) certifications which may include AWS Certified Solutions Architect – Associate or AWS Certified Advanced Networking.Clearance Requirement: Must currently hold an active Top Secret level of security clearance. Must be a U.S. citizen.Work LocationPosition is based in Arlington, VAMust be on-site at least three (3) days per week.Occasional travel (1-2 weeks per year) within the Continental U.S. or to Hawaii may be required.Core hours: 9:00 AM – 3:00 PM local time, with a minimum 8-hour workday. Flexibility is expected to respond to after-hours emergencies and to support coordination across Hawaii and Virginia time zones.Physical RequirementsAbility to perform repetitive motions with the hands, wrists, and fingers.Ability to engage in and follow audible communications in emergency situations.Ability to sit for prolonged periods at a desk and working on a computer.J-18808-Ljbffr