NLM Cloud Engineer I
Lexical Intelligence LLC
Job Description
Job DescriptionJob DescriptionSalary: $70,000 - $90,000
Cloud Engineer I
Lexical Intelligence provides software and services related to processing large-scale biomedical information sources. Our Natural Language Processing (NLP) and analytics software is used by policy and decision makers to evaluate and prioritize current and emerging areas of research.
We are looking for a Cloud Engineer I to work within the National Library of Medicine (NLM), Lister Hill National Center for Biomedical Communications (LHNCBC), Bethesda, MD. The Cloud Engineer I will have experience in cloud infrastructure administration, DevOps engineering, and cybersecurity compliance. The Cloud Engineer I will have a firm understanding of cloud computing platforms, CI/CD pipelines, containerization technologies, and Federal Information Security Modernization Act (FISMA) requirements.
The Cloud Engineer I shall be able to work well within a team of multidisciplinary professionals spanning software development, data science, biomedical informatics, and IT operations. The selected applicant will be subject to a pre-employment background and reference check.
Required Qualifications24 years of relevant cloud engineering or DevOps experienceBachelor's degree or other degree(s) in Computer Science, Information Technology, Engineering, or related fieldsHands-on experience with cloud platforms (Google Cloud, AWS, and/or Azure) in IaaS, PaaS, and SaaS configurationsProficiency with CI/CD tools such as GitLab, GitHub, Nexus, or equivalent platformsExperience with containerization and orchestration tools, including Docker, Kubernetes, Anthos, and/or OpenShiftWorking knowledge of Infrastructure as Code (IaC) tools such as Terraform, Ansible, Puppet, and/or AWS CDKFamiliarity with FISMA compliance requirements and federal cybersecurity frameworks (NIST SP 800-53, NIST SP 800-171)Experience with version control systems such as Bitbucket and/or GitLabStrong written and oral communication skills; ability to convey technical concepts in plain languagePreferred QualificationsExperience with monitoring and logging tools such as EFK stack, Prometheus, and/or GrafanaFamiliarity with vulnerability scanning and penetration testing tools, including Tenable, Prowler, Netsparker, Checkmark, and/or OWASPExperience supporting Authority to Operate (ATO) processes and developing System Security Plans (SSPs)Knowledge of Identity and Access Management (IAM) and cloud account administration in commercial cloud environmentsExperience with distributed computing systems and batch queuing software, including open-source map/reduce frameworks (e.g., Hadoop)Familiarity with database technologies such as RDS, MySQL, MongoDB, MS SQL, PostgreSQL, and/or ElasticsearchExperience with ticketing and documentation systems such as JIRA, ServiceNow, and/or Confluence WikiKnowledge of FedRAMP requirements and secure remote access administrationPrior experience supporting NIH, HHS, or other federal government IT environmentsRelevant certifications such as AWS Certified Solutions Architect, Google Cloud Professional, Microsoft Azure Administrator, or CompTIA Security+ResponsibilitiesRecommend, deploy, and manage version control systems; support NLM's use of Bitbucket, GitLab, and other platforms as neededImplement and administer CI/CD pipelines for all approved development frameworks at NLM, utilizing tools such as GitLab, GitHub, TeamSite, Nexus, Kubernetes, Ansible, and TerraformRecommend and configure Infrastructure as Code (IaC) tools to support scalable, repeatable deploymentsImplement, administer, and support cross-datacenter deployments using Docker and other containerization toolsSet up, administer, and maintain elastic and cost-efficient container orchestration environments using Kubernetes, Anthos, and/or OpenShiftProvide monitoring and logging capabilities to collect, store, and analyze data on application performance and infrastructure availability using EFK stack, Prometheus, Grafana, and other toolsRecommend and configure vulnerability scanners and penetration testing tools; conduct ongoing vulnerability assessments and threat identification using Tenable, Prowler, Netsparker, Checkmark, and OWASPProvide day-to-day cloud operations support, including secure remote access administration, compute and cost model analysis, and implementation of selected cloud solutionsSupport cybersecurity and risk management activities across NLM enterprise systems, including application, network, system, and database security; resolve identified software, firmware, system, and hardware vulnerabilities within prescribed timeframesAssist the Government in creating, developing, and maintaining Authority to Operate (ATO) documentation and System Security Plans (SSPs) on an annual basis and as neededTrack and manage current known vulnerabilities using Tenable Security CenterProvide technical support for systems and database design; coordinate and implement open-source software such as Apache server servicesAdminister, configure, and maintain distributed computing systems using batch queuing software and open-source map/reduce frameworksProvide customer service to internal and external staff; resolve issues in a highly technical environment through clear communication, administer user accounts, monitor system performance, and track problem reports through JIRA, ServiceNow, and/or equivalent ticketing systemsCreate and maintain technical documentation using Confluence Wiki and other toolsSupport cloud development and cloud computing infrastructure for production web services, high-performance computing, and high-throughput processing environments; administer commercial cloud accounts through IAM and monitor cloud resource utilization efficiencyAssist in implementing, maintaining, and executing computer security practices in accordance with Government FISMA policies, including firewalls, intrusion detection, secure computing environments, and disaster recoveryProvide technical support and guidance to development teams for migration to and utilization of the DevOps platformEnsure compliance with organizational security and privacy policies, protect sensitive data and systems, report security incidents within required timeframes (no later than one hour of discovery), and participate in required annual cybersecurity and privacy training per HHS/NIH requirementsImplement secure coding best practices as directed by US-CERT standards and OWASP guidelines
Salary and BenefitsWe offer a competitive salary and a generous benefits package, including at no cost: full health and dental for you and your dependents, retirement and HSA accounts, short- and long-term disability insurance, life and accident insurance, paid time off, and 11 federal holidays.
LocationBethesda, MD
Equal Employment Opportunity PolicyLexical Intelligence, LLC, provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Lexical Intelligence, LLC | 2001 Veirs Mill Rd #546 | Rockville, MD 20851