By Light Professional IT Services LLC readies warfighters and federal agencies with technology and systems engineered to connect, protect, and prepare individuals and teams for whatever comes next. Headquartered in McLean, VA, By Light supports defense, civilian, and commercial IT customers worldwide.

Cole Engineering Services (CESI), a By Light company, is recognized as a premier provider of modeling and simulation (M&S) training solutions to the Federal Government and industry. Since 2004, CESI has been at the forefront of developing, maintaining, and integrating simulation-based training, serious gaming, technical services, training and other support in live, virtual, constructive, and gaming (LVCG) domains.  CESI also designs, builds and runs infrastructure, platforms, applications and processes that enable cyber training for the integrated multi-domain force. Our vision is to become a worldwide full spectrum LVCG and cyber training/analysis developer, integrator and services provider.

Cole Engineering Services, Inc. is seeking a highly qualified DevOps Engineer to support deployment and application management across mission-critical cloud environments that power DoD cyber training capabilities. You will design and manage a robust CI/CD cloud pipeline supporting cyber ranges, training orchestration, and multi-tenant applications in FedRamp approved cloud environments. You will partner closely with cybersecurity, system architecture, networking, and training operations teams to deliver secure, scalable capabilities aligned to DoD RMF, DISA STIGs, and the DoD Cloud Computing SRG (Impact Levels IL2–IL6).

Position Impact

In this role, you will be a key technical leader ensuring the DoD’s cyber training enterprise platforms are secure, resilient, and efficient, enabling cyber operators to execute complex cyber exercises at scale while meeting stringent compliance and mission requirements.

• Design, implement, and maintain cloud infrastructure using Infrastructure as Code (IaC) principles
• Manage multi-account cloud environments following DoD cloud security requirements
• Implement and maintain Virtual Private Clouds (VPCs), subnets, and network security groups.
• Configure and optimize cloud services including AWS EC2, S3, RDS, Lambda, ECS/EKS, and CloudFormation
• Ensure compliance with DoD Security Technical Implementation Guides (STIGs) and Risk Management Framework (RMF) requirements
• Design and implement automated CI/CD pipelines using applications such as GitLab CI/CD or Jenkins
• Develop containerization and orchestration strategies using industry-standard tools.
• Implement automated testing, security scanning, and quality gates in deployment pipelines
• Manage artifact repositories and container registries in accordance with DoD security policies
• Create and maintain deployment automation scripts using Python, Bash, or PowerShell
• Support security best practices for cloud environments including encryption, access controls, and monitoring
• Conduct regular security assessments and vulnerability scanning using tools like Nessus, ACAS, or Prisma Cloud
• Support security compliance with NIST 800-53 controls and DoD cloud security requirements
• Support Authority to Operate (ATO) processes and documentation
• Implement and maintain STIG compliance automation tools
• Provide technical support to development teams for deployment and infrastructure issues
• Participate in Agile ceremonies and contribute to sprint planning
• Document infrastructure designs, runbooks, and standard operating procedures
• Mentor junior team members and conduct knowledge transfer sessions
• Coordinate with Government stakeholders and cross-functional teams

• 3-5+ years of hands-on DevOps/Cloud engineering experience
• Minimum of 2 years of experience with AWS cloud services.
• Associates or Bachelor’s degree in a related technical discipline such as computer science or information technology from an accredited college or university.
• Strong understanding of GovCloud (US) patterns and boundary controls.
• Excellent communication, documentation, stakeholder engagement skills, and the ability to lead cross-functional initiatives.
•  

• AWS Certifications:
  • AWS Certified Solutions Architect – Associate;
  • AWS Certified DevOps Engineer – Professional; and/or
  • AWS Certified SysOps Administrator – Associate
• Kubernetes certifications: CKA/CKS
• Understanding of Zero Trust architecture principles.
• Infrastructure-as-code mastery (Terraform and/or CloudFormation), pipelines (GitLab/Jenkins), and configuration management (Ansible/Chef).
• Experience with Scaled Agile Framework (SAFe) Agile methodology
• Understanding of RMF accreditation (SSP, POA&M, Continuous Monitoring) and control implementation under NIST SP 800-53 Rev. 5
• Hands-on application of DISA STIGs and DoD Cloud Computing SRG for IL2–IL6 workloads.

• U.S. citizenship required.
• Active DoD Secret clearance preferred; If not already cleared, candidate will be required to obtain and maintain a Top Secret/SCI clearance as a condition of employment.
• Required within 6 months:
  • DoD 8570/8140 compliance: IAT II (Security+); IAT III/CISSP or CASP+
• This is a remote work position with periodic travel (10%) to DoD sites (CONUS) and to CESI Headquarters in Orlando, FL.

This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. The above is intended to describe the general contents of and requirements for the performance of this job.

Cole Engineering Services, Inc. is an equal opportunity employer. We consider qualified applicants without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, political affiliation, age, marital status, disability, genetic information, veteran status, membership in an employee organization, or any other basis prohibited by federal, state, or local laws.