Senior Cloud Engineer

Company: Space Telescope Science Institute
Location: Baltimore
Posted on: May 20, 2025

Job Description:

Baltimore
3700 San Martin Drive
Baltimore, MD 21218, USA
Baltimore
3700 San Martin Drive
Baltimore, MD 21218, USA
The Space Telescope Science Institute (STScI) is a multi-mission science and operations center for NASA's flagship observatories. The Cloud Center of Excellence at the Space Telescope Science Institute is seeking a Senior Cloud Engineer to join our team working on NASA flagship Space Telescope missions that are revolutionizing our understanding of the universe.This position can support hybrid work. Candidates must reside in or be willing to relocate to our local market. (MD, DE, VA, PA, DC & WV).This position requires US Citizenship or Permanent Residence in order to meet ITAR requirements.Compensation is commensurate with education and experience. Salary range - $130,000 -150,000In this role, you'll support the cloud DevOps and SysOps automation initiatives & leverage DevSecOp practices and CI/CD pipelines to implement robust automation and monitoring systems using modern engineering/operations frameworks for the AWS cloud applications and environment supporting our space observatories like the Hubble Space Telescope, the James Webb Space Telescope and the Nancy Grace Roman Space Telescope (Roman). Roman is a survey telescope slated for launch in late 2026 and expected to generate 20 PB of data in 5 years.The data from Roman will be mainly processed in the Cloud; in addition, a Science Platform hosted in the Cloud will enable transformational science with Roman data by providing a rich computing environment that will allow broad, low-barrier access to data, computing, and software resources.The STScI also hosts the Mikulski Archive for Space Telescopes (MAST) archive that contains data from more than 20 missions. In this role you will collaborate with cross-functional teams to design, deploy, and maintain secure cloud architectures, automate security processes, and ensure compliance with industry regulations and best practices. Your expertise in AWS cloud infrastructure automaton, Infrastructure as Code (IaC), and DevOps principles will be vital in supporting Roman & enabling world-class scientific discoveries through these pioneering telescope programs.This role will be part of the Cloud Center of Excellence (CCoE) team responsible for managing, supporting central cloud framework, existing cloud applications and helping roll out new cloud application infrastructure with IaC templates in coordination with the engineering teams and supporting continued improvement of the cloud environment.

Responsibilities include:

• Design, implement and maintain the infrastructure automation features of our AWS cloud environment.
• Work closely with the Science, Engineering, IT, Quality Assurance, Security and Site Reliability Engineering teams to improve automation, and the adoption of CI/CD best practices.
• Design and implement solutions to drive improvements in IAM, emphasize automation, efficiency, and scalability and build and review IAM assets, including policies, boundaries for application and DevOps teams, and enhance capabilities within the existing IAM framework.
• Manage and maintain AWS Control Tower framework across multi-account environments including monitoring and enforcing Control Tower guardrails (SCPs, AWS Config rules), and remediate non-compliant resources.
• Customize Control Tower lifecycle events using Lambda or Step Functions for post-account provisioning automation including management of infrastructure baselines across accounts using Infrastructure as Code (IaC) with tools like CloudFormation, CDK, or Terraform.
• Support patching and managing baseline resources for EC2 and container endpoints and infrastructure deployed by Control Tower across environments and work with central security team for compliance and security audit related tasks.
• Maintain compliance visibility through various AWS and non-AWS tools and help to conduct regular log analysis, incident post-mortems, and performance tuning based on monitored data.
• Design and implement DevOps best practices, establishing standards and policies for managing source code and continuous integration/delivery.
• Implement, manage AWS Config rules, related automations and help implement and improve centralized logging analysis to track configuration drift, security violations, and operational anomalies.
• Demonstrate excellent trouble-shooting skills and resolve deployment and environmental issues to closure Support continuous improvements to existing infrastructure, tools, and processes.Qualifications, Technical Skills and abilities:
  • A Bachelor's in Computer Science or equivalent. Minimum of 8 years of relevant software development or large systems integration required with a strong background in automated code testing
  • Extensive experience with AWS Compute, Networking and Developer Tools and related services such as EC2, S3, Lambda, RDS, ECS/EKS. Proficiency in AWS computing framework management tools including Systems Manager (SSM) and implementing best practices for cloud security.
  • A strong understanding of the SDLC, CI/CD, and the Agile software development methodology including experience with deployment automation.
  • Proficient in Docker, Kubernetes, and AWS ECS/EKS for container management and orchestration.
  • Deep understanding of policies, roles, trust relationships, permission boundaries, and federation (SAML/OIDC).
  • Scripting skills required - shell scripts, Python preferred including familiarity with CloudFormation/Terraform, JSON, YAML
  • Experience with developing IaC modules for AWS multi-account framework & AWS organizations
  • Experience with monitoring tools (e.g., AWS CloudWatch, Prometheus, Grafana, DataDog) and setting up proactive monitoring and alerting.
  • Employer retirement contribution - direct STScI contribution of 10% of your salary from your first day
  • 12 days sick leave, up to 24 days' vacation, and 10 paid holidays
  • Flexible work schedule with healthy work/life balance
  • Comprehensive medical/dental/vision/prescription plans, and more!Applications received by06/16/2025will receive full consideration. Applications received after this date will be considered until the position is filled.Individuals needing assistance with the employment process can contact us at careers@stsci.edu.QualificationsSkillsBehaviors:Motivations:EducationExperienceLicenses & CertificationsEqual Opportunity Employer
    This employer is required to notify all applicants of their rights pursuant to federal employment laws.For further information, please review the Know Your Rights notice from the Department of Labor.
    #J-18808-Ljbffr

Keywords: Space Telescope Science Institute, Vineland , Senior Cloud Engineer, Engineering , Baltimore, New Jersey