Requires US Citizenship
Employment Term and Type: Regular, Full Time Required Security Clearance: Secret
Required Education: Bachelor’s or Six (6) years of relevant professional experience may be substituted for the bachelor’s degree
Job Description:
Design, implement, and sustain secure cloud infrastructure and platform services in Microsoft Azure to support DoD mission systems. Apply DoD cybersecurity and compliance requirements (e.g., RMF, STIGs, IL5/IL6) to architect, deploy, and harden cloud environments using Infrastructure as Code and DevSecOps practices. Responsibilities include provisioning and managing Azure networking, identity, and compute resources; automating CI/CD pipelines; monitoring performance and security posture; and supporting Authority to Operate (ATO) activities. Collaborates with system owners, security teams, and mission stakeholders to ensure resilient, scalable, and compliant cloud solutions aligned with DoD reference architectures and Zero Trust principles.
Primary Duties and Responsibilities:
Deploy and manage changes within a Production Cloud Environment, ensuring high availability, stability, and adherence to operational change management processes.
Rapidly diagnose and resolve outages, performance degradation, and system “spike” events to minimize operational disruption and maintain mission readiness.
Implement and enforce Department of Defense security compliance requirements, including application control, Microsoft Defender for Endpoint, and Security Technical Implementation Guides (STIGs) within IL5/IL6 environments.
Design, implement, and maintain identity and access management controls using Azure AD, including Role-Based Access Control (RBAC), Conditional Access policies, and Multi-Factor Authentication (MFA).
Configure and manage Azure networking infrastructure, including virtual networks (VNets), subnets, route tables, and firewall configurations to support secure enterprise connectivity.
Monitor and optimize network and cloud performance, including bandwidth utilization, connectivity health, and operational metrics to ensure reliable service delivery.
Administer and maintain enterprise endpoint management solutions through Microsoft Intune, including configuration profiles, compliance policies, remediation scripts, platform scripts, and firewall policy management.
Engineer and maintain a secure Managed Mac solution to support enterprise device management and compliance requirements.
Develop and implement Conditional Access and device management policies to strengthen endpoint security and ensure proper access control across enterprise mobility platforms.
Collaborate with cross-functional product teams and engineering groups to ensure enterprise applications and services function effectively across supported devices and platforms.
Research and evaluate emerging mobility technologies and device capabilities to improve performance, security posture, and user experience across enterprise endpoints.
Provide priority technical support to executive leadership (E-VIP/VIP users) and rapidly address urgent operational issues affecting mission-critical personnel.
Communicate technical updates, system changes, and operational impacts to stakeholders, ensuring transparency and coordination across teams and leadership.
Develop and maintain Standard Operating Procedures (SOPs), technical documentation, and knowledge base articles to support technical teams and the NESD helpdesk in troubleshooting and operational support.
Required Qualifications:
Relevant IT experience
Active DoD 8570/8140 compliant baseline certification (e.g., CompTIA Security+ CE, CISSP, SSCP, or equivalent) required prior to start.
Desired Qualification:
Experience in DoD or Federal environments: Demonstrated experience designing, deploying, or supporting cloud solutions within U.S. DoD, Federal Civilian, or Intelligence Community environments (e.g., IL5/IL6).
Azure Government expertise: Hands-on experience with Microsoft Azure Government and familiarity with DoD-approved cloud environments (e.g., Azure Government Secret, GCC High).
Demonstrated knowledge of DoD cybersecurity policies, and NIST SP 800-53 security controls.
DevSecOps in regulated environments: Experience integrating security scanning, compliance checks, and policy enforcement (e.g., Azure Policy, Defender for Cloud, container/image scanning) into CI/CD pipelines.
Logging & monitoring: Familiarity with centralized logging and SIEM integration (e.g., Azure Monitor, Log Analytics, Microsoft Sentinel) to meet DoD audit and incident response requirements.
Industry certifications, such as:
Microsoft 365 Certified : Fundamentals (MS-900)
Microsoft Certified : Azure Administrator Associate (AZ-104)
Microsoft Certified : Security, Compliance, and Identity Fundamentals (SC-900)
Microsoft Cybersecurity Architect Expert (SC-100)
Microsoft Identity and Access Administrator (SC-300)
Bachelor’s degree in one of the following fields: Engineering (any discipline), Computer Science, Information Technology, or other technical discipline. (Six (6) years of relevant professional experience may be substituted for the bachelor’s degree.)
Security Clearance Requirements: Secret
Physical, Work Environment & Conditions: (please update)
Typical office environment:
Must be able to sit or stand at a workstation for extended periods.
Occasional standing while working in server rooms or at patch panels.
Must be able to lift and move moderately heavy equipment (e.g., routers, switches, servers) typically up to 30–50 pounds.
Manual Dexterity required for connecting cables, configuring devices, and handling small tools or components.
Must be able to view computer screens for long periods.
Ability to distinguish color-coded cabling and indicator lights.
Must be able to climb ladders or crawl in tight spaces for cable runs or equipment installation.
May require walking between different buildings or workstations.
Must be able to communicate clearly with technical teams and end-users.
May need to hear alarms, server beeps, or equipment noises indicating issues
This position description is not intended as, nor should it be construed as, exhaustive of all responsibilities, skills, efforts or working conditions associated with this job. This and all positions are eligible for organization-wide transfer. Management reserves the right to assign or reassign duties and responsibilities at any time.
Company Overview: FGS LLC is an international, leading-edge provider of technical services to include Secure Information Systems, Security and Engineering and Intelligence Analysis. Our turn-key solutions include the design, engineering, deployment operations, and sustainment of secure technology and critical infrastructure for the protection and safety of our customers' mission-critical information, processes, and personnel. Demonstrating an unyielding commitment to our customers, superior trust and dedication with our partners, and leading-edge technical expertise over the past seven years, FGS has experienced explosive growth providing superior services throughout the world, from North America and the Pacific Rim to the Middle East and Europe.
FGS provides secure, leading edge technology and process management services to military, government, and commercial clients worldwide.
FGS offers a generous compensation package including health, dental, vision, 401(k), group life insurance, educational reimbursement, among other benefits.
We value our employees and strive to offer many opportunities for professional growth.
#cjpost – Information Technology FGS, LLC is an Equal Opportunity Employer as to all protected groups, including protected veterans and individuals with disabilities