Sr AWS Engineer - Hybrid

Genesis
10 is seeking a Sr AWS Engineer for a 6‑month contract‑to‑hire position with a leading client in Columbus, OH. This position will work on a hybrid schedule.

Compensation: $60.00 - $70.00 per hour, W2, depending on skill and experience level.

The Senior AWS Engineer serves as the technical lead for our FedRAMP Authorized (Moderate FISMA) cloud environment supporting our SaaS platform. The Senior AWS Engineer will translate security controls into infrastructure‑as‑code, maintain and evolve a Terraform‑managed AWS stack, and implement a robust Dev Sec Ops  toolchain. This role will integrate tools, including Okta, Entra, Elastic Cloud, Qualys, Sonar Qube, Nessus, Cloudflare, and Git Lab while optimizing AWS RDS performance.

Additionally, this role is a hands‑on leadership position requiring close collaboration across Compliance, Infrastructure, Development, and Product teams, as well as mentorship of a Junior AWS Engineer.

• Designs and implements secure, highly available AWS environments using Terraform – emphasizing VPC (Virtual Private Cloud) design, IAM (Identity Access Management) least privilege, FIPS encryption, and network segmentation.
• Provisions, tunes, and maintains AWS RDS (SQL Server) with a focus on performance, backups, and high availability.
• Develops and maintains CI/CD pipelines in Git Lab, integrating SAST (Sonar Qube), DAST (Qualys), vulnerability scanning (Nessus), and Terraform automation.
• Translates FedRAMP/NIST 800‑53 Rev 5 security controls into technical safeguards; remediates findings and supports continuous ATO (Authority to Operate).
• Integrates SSO (Single Sign‑On) and RBAC (Role‑Based Access Control) using Okta and Entra across AWS, Git Lab, Elastic Cloud, and related SaaS platforms.
• Operates Elastic Cloud SIEM and AWS Guard Duty; responds to alerts, coordinates incident response, and leads post‑mortem analysis.
• Mentors and supports the Junior AWS Engineer; conducts code reviews and champions Dev Sec Ops  culture.
• Defines SLIs (Service Level Indicators)/SLOs (Service Level Objectives), implements disaster recovery and backup strategies, and leads service improvement initiatives.
• Collaborates with stakeholders to convert regulatory and product needs into secure cloud capabilities; articulates security posture to leadership and clients.
• Participates in a rotating 24x7 on‑call support schedule.
• Performs other related duties as assigned.

• Bachelor's degree in computer science or related field (preferred).
• Relevant certifications strongly preferred: AWS Solutions Architect – Professional, AWS Security Specialty, AWS Dev Ops Engineer, CISSP or similar.
• 8+ years of experience in software or cloud engineering, including 5+ years designing and operating workloads on AWS.
• Deep expertise with AWS core services: VPC, IAM, ECS/EKS, Lambda, RDS, S3, KMS, Cloud Watch, Security Hub, and Control Tower.
• Strong background in Infrastructure as Code (IaC) using Terraform‑modules, state management, and CI‑driven deployments.
• Experience provisioning, tuning, and maintaining AWS RDS (SQL Server).
• Solid foundation in both Linux and Microsoft Windows operating systems.
• Direct experience supporting at least one FedRAMP Moderate (or higher) authorized system, including audit preparation and evidence submission.
• Working knowledge of FedRAMP Moderate, NIST SP 800‑53 Rev 5, and NIST SP 800‑37.
• Experience mapping security controls, maintaining SSPs, POA&Ms, and delivering continuous monitoring artifacts.
• Hands‑on experience with security tools such as Elastic Cloud SIEM, Qualys Cloud WAS, Sonar Qube, Nessus, and AWS Guard Duty.
• Ability to translate regulatory requirements into technical safeguards.
• Proficiency in Git Lab CI/CD, including runners, pipelines, and Git Ops workflows.
• Experience building security gates into CI/CD processes (SAST, DAST, vulnerability scans, Terraform automation).
• Automation‑first mindset with fluency in at least one backend language (Python, Go, or Java) and scripting (Bash or Power Shell).
• Experience integrating and managing SSO solutions with Okta and Entra (SAML/OIDC, SCIM, MFA, RBAC policy design).
• Familiarity with fine‑grained access control…