Cloud Infrastructure Engineer

ABOUT DEFCON AI RESILIENCE IN THE FACE OF DISRUPTION. DEFCON AI is an insights company that leverages artificial intelligence, mathematical optimization, data analytics, and software engineering for resilient optimization of complex systems. In today’s dynamically changing world, DEFCON AI’s technology aligns outcomes with operational goals, better decision making, and empowers customers to anticipate assess, and mitigate the impacts of disruptions. About the Role We are seeking an experienced Cloud Infrastructure Engineer to design, deploy, and administer cloud environments with a strong emphasis on virtualization, automation, and security. This role owns the full lifecycle of cloud infrastructure — from virtual machine provisioning and network architecture to Infrastructure as Code (IaC) deployments and continuous monitoring. The ideal candidate brings hands-on experience managing AWS and/or Azure environments, operating container platforms, and translating operational complexity into scalable, secure solutions. Experience working in regulated or compliance-driven industries (e.g., healthcare, defense, finance) is a strong plus. Key Responsibilities Cloud Infrastructure Virtual Systems Administration Administer and maintain AWS and/or Azure environments, including day-to-day operations of virtual machines, networking, and storage. Manage VPCs, subnets, routing tables, security groups, NACLs, and private networking constructs Deploy, maintain, and optimize EC2 instances, RDS, S3, IAM, KMS, Secrets Manager, and CloudTrail Build and manage hardened VM images (AMIs / golden images) for consistent, repeatable deployments Implement and support high availability, auto-scaling, and disaster recovery configurations Support multi-account or multi-subscription cloud governance structures (e.g., AWS Organizations, Azure Management Groups) Infrastructure as Code (IaC) Design and maintain infrastructure using Terraform, including modular design, remote state management, and workspace strategies Lead or support migrations from legacy IaC tooling (e.g., CloudFormation) to modern frameworks Enforce policy-as-code guardrails and maintain version-controlled infrastructure repositories Build reusable, secure baseline modules for VPC architecture, IAM roles, logging, monitoring, and encryption Virtualization Containerization Administer virtualized workloads across cloud environments, including sizing, patching, lifecycle management, and cost optimization Support container-based workloads in ECS and/or EKS, including cluster management, networking, and image security Assist with transitions from legacy compute paradigms (e.g., EBS-backed instances) to modern container or serverless architectures Implement automated drift detection and remediation for both VMs and containerized environments Automation DevSecOps Integration Identify and implement automation opportunities to reduce manual operational overhead and improve team velocity Integrate infrastructure provisioning and security controls into CI/CD pipelines (GitHub Actions, GitLab CI, or equivalent) Implement and maintain secure secrets management practices Collaborate with DevSecOps and application engineering teams to enforce least-privilege IAM policies and secure-by-default configurations Security, Compliance Monitoring Apply and maintain security hardening baselines (CIS Benchmarks, DISA STIGs) for Linux and Windows virtual systems Configure and monitor AWS CloudTrail, GuardDuty, Security Hub, Config, and centralized logging pipelines Support SIEM integration (e.g., Splunk, Microsoft Sentinel) and assist with incident response Maintain vulnerability management lifecycle including patching, remediation tracking, and reporting Support compliance efforts aligned with relevant frameworks (NIST 800-171, CMMC, HIPAA, SOC 2, or FedRAMP as applicable) Cross-Functional Collaboration Documentation Partner with development, security, and IT operations teams to de ... (truncated, view full listing at source)