Cloud Computing Engineer
The Cloud Computing Engineer designs, creates, configures, and delivers cloud infrastructure environments for a variety of environments across BCBSA using best practices and business acumen. This role includes all technological aspects associated with cloud computing technology stack, including architecture, security, design, planning, management, maintenance, and support. The scope of the role includes extensive knowledge of on-premise (private), off-premise (public), and hybrid cloud models along with cloud implementation service models (IaaS, PaaS, and SaaS).
The major purpose of this role will be mapping of our on-premise compute to cloud. Lead/oversee the cloud infrastructure environment construction and implementation during the life cycle of the solutions. Evaluate the success of architecture, network, security, and environment designs as they are implemented. Evaluate strengths and flaws in architecture, network, security, and environment designs for continuous improvement. Communicate with management and technical personnel on cloud adoption and usage topics on a continuous basis. May be required to represent EIT in a project as a technical lead. May be required to coordinate with other EIT personnel.
Key Responsibilities:
- Design cloud infrastructure environments with best practice configurations for a wide variety of systems including databases, web services, and messaging systems.
- Efficiently translate project requirements from architecture/environment diagrams to formulate appropriate questions to identify and remediate design gaps.
- Review and analyze architecture-level security solutions at the domain or product level to transform them into cloud infrastructure designs and implementations.
- Establish strategic relations with key technology vendors to influence changes in future product releases.
- Research and benchmark best practices and/or products in the area of cloud technologies.
- Maintain knowledge of cloud technologies, trends, and standards.
- Provide input to the content of Requests for Information / Proposal (RFI/P) around the BCBSA technology architecture/infrastructure requirements.
- Conduct trend analyses to track emerging industry trends and technologies.
- Assist in the evaluation of new tools, technologies, and/or processes to maintain and enhance the critical system infrastructure.
Cloud Security:
Possesses a thorough understanding of cloud security fundamentals, such as encryption, key management, identity management, shared cloud security, logging, and monitoring cloud infrastructure. Continually evaluate new cloud infrastructure threats with associated mitigating designs and their impact on IT and business operations.
Documentation:
Document cloud design guidelines for both new business applications and the porting of existing BCBSA Business applications to align with a cloud model. Participate and conduct liaison activities in reviewing application designs, providing recommended alterations, and partnering with enterprise architects to transform current application design principles to be more cloud aligned.
Collaboration:
Work closely with network and application security engineers to assure BCBSA applications and systems are designed and configured to conform to security architectures and policies.
Education
- High School Diploma, Bachelor's Degree in Computer Science, Information Security, or related discipline or equivalent experience in the field.
- Master's Degree (preferred)
Certifications
- Certification in one Cloud Platform (AWS preferred)
Experience
- Experience with Amazon Linux, Red Hat Linux 8 & 9, OpenShift, and VMC on AWS.
- 5+ years of enterprise-level Infrastructure consulting or implementation experience.
- Experience with Ansible, Powershell, or other automation environments and scripting technologies.
- Experience migrating workloads from on-premise to cloud.
- Focus on Infrastructure support, design, build, deployment, and system hardening.
- Experience with network technologies and monitoring tools.
- Experience using AWS CDK for IaC automation.
Skills
- Excellent communication skills, verbal and written.
- Knowledge of networking fundamentals, including VPN configuration.
- Familiarity with Containerization.
- Good working knowledge of application protocols, such as HTTP(S), SMTP, SSL, and DNS.
- Common applications of cryptography, such as X.509 PKI, PGP, etc.
- Knowledge of Active Directory.
- Security event and log management.
- Identity and access management.
- Encryption in the cloud.
- Understanding of the latest security principles, techniques, and protocols.
- Ability to engage in end-to-end troubleshooting of technical issues.
- A strong background in developing Infrastructure automation using Ansible Automation Platform and other cloud orchestration tools is desired.
- Familiarity with DevOps methodology and tools like Docker, Git, RedHat Satellite.
People Management
LI_HYBRID