Senior Cloud Architect Lead

Introduction

Make a difference for national security by joining a team of dedicated IT professionals who will sustain, modernize and transform the enterprise IT capabilities for the Defense Counterintelligence and Security Agency (DCSA).  The Air Force, Space & Intel Business Group (AFSI) of SAIC is seeking a Senior Cloud Architect Lead to support a transformational infrastructure program for DCSA. 

SAIC is proud to be supporting DCSA in safeguarding our nation’s information. DCSA is the designated oversight authority on the accreditation of classified facilities, information systems, and the insider threat program. This involves security oversight of more than 10,000 companies and approximately 13,000 facilities involved in classified work throughout the DoD and 31 Federal agencies. 

Specifically, on the DCSA One IT program, SAIC will provide an enterprise IT solution that delivers highly secure and adaptable IT infrastructure, provide customer support, and cutting-edge technologies that support operations and advance the DCSA mission under a single IT environment (i.e., One IT). 

This position is remote with limited travel. 

Job Description 

• Serve as a cloud architecture leader, providing guidance and mentorship to team members, while supporting a DoD mission program. Design and deliver secure, compliant workloads within a platform-managed hub-and-spoke environment across AWS GovCloud and Azure Government.
• Architect and deliver secure, scalable AWS‑centric solutions (with multi‑cloud fluency across Azure Government/GCP) as a spoke workload team operating inside a platform‑managed hub‑and‑spoke environment. 
• Be well‑versed in platform management constructs (network hub, identity, operations, DevOps, shared services) to facilitate design discussions and articulate workload requirements to platform owners/providers. 
• Operate as a liaison between mission teams, leadership, and platform providers, ensuring workload strategies align with programmatic, operational, and compliance goals.
• Translate DoD operational constraints (Cloud Computing SRG impact levels, RMF/ATO, DISA STIGs) into practical workload architectures and deployment patterns that inherit and align with platform guardrails. 

Key Responsibilities:

• Leadership & Team Management
  • Mentor and manage team members involved in workload architecture and cloud deployment to ensure technical proficiency, adherence to compliance requirements, and timely delivery of mission objectives.
  • Foster a collaborative team environment, driving alignment on priorities and ensuring clear communication.
  • Act as the primary technical point of contact for workload-related activities, providing direction to the team while coordinating with external stakeholders, including platform owners, vendor teams, and mission partners.
• Requirements & Coordination with Platform Providers
  • Define and communicate workload requirements for routing, firewall/inspection, DNS, identity trust, logging/telemetry, secrets, and egress—packaged as intake/change requests to the platform team with clear technical specifications and risk/treatment rationales. 
  • Manage cross-functional teams and discussions, ensuring alignment between workload needs and platform provisioning, while clarifying roles and responsibilities for network components like TGW attachments, VPCs, subnets, endpoints, and route tables.
• Architecture & Delivery (Spoke Workloads)
  • Drive the creation of workload reference architectures and IaC templates (Terraform/CloudFormation/Bicep/CDK) ensuring alignment with platform guardrails and program security policies (e.g., SCPs/Org Policies, Azure Policy, tagging, encryption/KMS/CMEK). 
  • Lead the team in Implementing secure network zoning and service exposure (PrivateLink/VPC endpoints, ALB/NLB, WAF) ensuring alignment with centralized inspection at the hub. 
  • Design CI/CD pipelines with security/compliance gates that inherit platform logging and monitoring (CloudTrail/Config/Security Hub; Azure Log Analytics/Sentinel) and feed continuous monitoring/POA&M workflows. 
• DoD Compliance & Security Engineering (Within Workload Scope)
  • Map workload data and mission needs to SRG IL2–IL6 and engineer control implementations that leverage platform inheritance where available; drive RMF documentation, STIG hardening/SCAP automation, and ATO/IATT artifacts for the workload. 
  • Provide team guidance on applying Zero Trust principles, including identity‑centric access, micro‑segmentation, and DevSecOps, ensuring alignment with DoD mission cloud practices. 
• Vendor/ISV Collaboration & Technical Assessments
  • Lead collaboration efforts with external vendors and industry solution providers to evaluate COTS/ISV solutions for mission fit and DoD compliance.
  • Facilitate engineering design reviews, ensuring the ability to document trade-offs, residual risks, and mitigation plans in alignment with DoD guidelines.
• Reliability, Resilience & Cost Management
  • Define and manage workload resilience strategies, including Multi‑AZ/Region configurations, backups, and failover mechanisms within impact level boundaries; document DR strategies and exercise runbooks compatible with platform‑managed services.
  • Guide team members in Implementing and monitoring FinOps practices for ongoing cost control, including budget tracking, reserved capacity planning, and resource rightsizing.