Cloud Front Engineer

Job Description

The Defense Media Activity (DMA) is seeking a CloudFront Engineer to support the operational performance, security, and scalability of Web.mil websites. The engineer will play a crucial role in architecting, implementing, and maintaining cloud-based Content Delivery Network (CDN) solutions, ensuring high availability and secure content distribution across Department of Defense (DoD) public websites.

Key Responsibilities:

• Design, deploy, and manage AWS CloudFront and other CDN solutions to optimize content delivery for Web.mil websites.
• Configure and maintain edge caching, routing policies, SSL/TLS certificates, and web application firewalls (WAF) to enhance performance and security.
• Implement high-availability, redundancy, and load-balancing strategies for large-scale cloud-hosted applications.
• Monitor network traffic, request handling, and performance metrics to identify potential bottlenecks and mitigate latency issues.
• Perform cloud security assessments and apply DoD-mandated security standards (e.g., STIGs, FedRAMP, DISA policies).
• Collaborate with Web Operations, Security, and DevOps teams to ensure smooth integration of CI/CD pipelines for automated deployments.
• Troubleshoot and resolve CDN-related service outages, misconfigurations, and performance degradations.
• Assist in migrating legacy systems to cloud-based infrastructures, ensuring compliance with DoD cloud security policies.
• Generate detailed technical documentation, diagrams, and reports for system configurations and incident resolutions.
• Provide possible 24/7 on-call support as required for mission-critical website operations.

Required Qualifications:

• 5+ years of experience in Cloud/CDN engineering, with a focus on AWS CloudFront, Akamai, or similar platforms.
• Strong expertise in AWS services (CloudFront, Lambda@Edge, WAF, Route 53, S3, EC2, IAM).
• Experience with web security principles including OWASP Top 10, DDoS mitigation, and zero-trust architectures.
• Hands-on experience with Infrastructure as Code (IaC) tools like Terraform, AWS CloudFormation, or Ansible.
• Proficiency in scripting and automation using Python, Bash, or PowerShell.
• Familiarity with DoD cybersecurity policies, STIGs, and FedRAMP compliance.
• Strong troubleshooting skills in networking (TCP/IP, DNS, HTTP/HTTPS, TLS) and web performance optimization.
• Experience working in a DevSecOps environment with CI/CD pipelines and version control (Git, GitLab, Jenkins).
• Excellent written and verbal communication skills to document solutions and collaborate across teams.

Preferred Qualifications:

• AWS Certified Solutions Architect – Associate or Professional.
• Experience with Azure CDN, Fastly, or Akamai.
• Knowledge of Web Content Accessibility Guidelines (WCAG) 2.1 and Section 508 compliance.
• Experience in media streaming (HLS, DASH) and large-scale content distribution networks.

Location: Fort Meade, MD (On-site/Hybrid)
Clearance Requirement: Active DoD Secret (or ability to obtain)