DEFCON AI - Cloud Infrastructure Engineer

• Cloud Infrastructure & Virtual Systems Administration • Administer and maintain AWS and/or Azure environments, including day-to-day operations of virtual machines, networking, and storage. • Manage VPCs, subnets, routing tables, security groups, NACLs, and private networking constructs • Deploy, maintain, and optimize EC2 instances, RDS, S3, IAM, KMS, Secrets Manager, and CloudTrail • Build and manage hardened VM images (AMIs / golden images) for consistent, repeatable deployments • Implement and support high availability, auto-scaling, and disaster recovery configurations • Support multi-account or multi-subscription cloud governance structures (e.g., AWS Organizations, Azure Management Groups) • Infrastructure as Code (IaC) • Design and maintain infrastructure using Terraform, including modular design, remote state management, and workspace strategies • Lead or support migrations from legacy IaC tooling (e.g., CloudFormation) to modern frameworks • Enforce policy-as-code guardrails and maintain version-controlled infrastructure repositories • Build reusable, secure baseline modules for VPC architecture, IAM roles, logging, monitoring, and encryption • Virtualization & Containerization • Administer virtualized workloads across cloud environments, including sizing, patching, lifecycle management, and cost optimization • Support container-based workloads in ECS and/or EKS, including cluster management, networking, and image security • Assist with transitions from legacy compute paradigms (e.g., EBS-backed instances) to modern container or serverless architectures • Implement automated drift detection and remediation for both VMs and containerized environments • Automation & DevSecOps Integration • Identify and implement automation opportunities to reduce manual operational overhead and improve team velocity • Integrate infrastructure provisioning and security controls into CI/CD pipelines (GitHub Actions, GitLab CI, or equivalent) • Implement and maintain secure secrets management practices • Collaborate with DevSecOps and application engineering teams to enforce least-privilege IAM policies and secure-by-default configurations • Security, Compliance & Monitoring • Configure and monitor AWS CloudTrail, GuardDuty, Security Hub, Config, and centralized logging pipelines • Support SIEM integration (e.g., Splunk, Microsoft Sentinel) and assist with incident response • Maintain vulnerability management lifecycle including patching, remediation tracking, and reporting • Support compliance efforts aligned with relevant frameworks (NIST 800-171, CMMC, HIPAA, SOC 2, or FedRAMP as applicable) • Cross-Functional Collaboration & Documentation • Partner with development, security, and IT operations teams to deliver reliable, scalable services • Produce and maintain thorough documentation — architecture diagrams, runbooks, SOPs, and evidence artifacts for audits or assessments • Contribute to budget management, resource planning, and capacity forecasting for cloud environments