The Opportunity:
The Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) Program seeks a Cloud Principal Architect – Networking to support the United States Coast Guard (USCG) enterprise cloud strategy. This senior-level role will provide architectural oversight and subject matter expertise in designing, implementing, and optimizing cloud networking solutions across Microsoft Azure and Amazon Web Services (AWS) platforms in IL4/IL5 environments. The ideal candidate will lead secure, scalable network design, advise senior leadership, and guide technical teams on cloud connectivity, segmentation, Zero Trust integration, and compliance alignment.
Responsibilities:
-Lead enterprise architecture design for secure cloud networking within hybrid, multi-cloud environments (Azure, AWS).
-Serve as the SME for cloud routing, VPC/VNet peering, ExpressRoute, Direct Connect, VPNs, firewalls, and load balancers.
-Develop and maintain network security architecture that complies with DoD Cloud Computing SRG, NIST SP 800-53, and FedRAMP.
-Design and enforce segmentation strategies using Azure Private Link, AWS PrivateLink, NSGs, NACLs, and transit gateways.
-Architect and validate end-to-end Zero Trust access patterns across network boundaries, including ICAM and SASE integration.
-Guide the implementation of advanced monitoring and network telemetry tools (e.g., Azure Network Watcher, VPC Flow Logs, AWS GuardDuty).
-Provide design and architecture artifacts including diagrams, decision matrices, and bill-of-materials in support of cloud initiatives.
-Collaborate with cybersecurity teams on STIG enforcement, traffic inspection, and cloud-native firewall deployment (e.g., Azure Firewall, AWS WAF).
-Work with mission owners and platform teams to define cloud networking requirements and ensure compliant, high-availability designs.
-Present architecture strategies and recommendations to senior leadership, including USCG AO, cybersecurity advisors, and DHS CDM stakeholders.
-Provide escalation support and guidance on cloud networking incidents and outages, supporting root cause analysis and remediation.
-Support cloud onboarding processes by advising on secure network connectivity for new services and mission applications.
Qualifications:
Active DoD Secret clearance.
Current DoD 8570 IAT Level II certification (Security+ CE or equivalent).
Bachelor’s degree in Computer Science, Network Engineering, or related discipline (or equivalent experience).
5+ years of experience in enterprise network architecture, including 5+ years designing cloud networking solutions.
Deep experience with hybrid networking, including ExpressRoute, Direct Connect, Site-to-Site VPNs, SD-WAN, and MPLS.
Expert-level knowledge of routing protocols (BGP, OSPF), NAT, DNS, TLS, and IPsec.
Hands-on experience with Azure networking (VNet, NSG, Application Gateway, Private Link, UDRs).
Hands-on experience with AWS networking (VPC, Route Tables, Transit Gateway, PrivateLink, Security Groups).
Experience with cloud-native network security and firewalling strategies.
Familiarity with DoD compliance requirements including IL4/IL5 controls, STIGs, and FedRAMP High.
Desired:
-Azure Network Engineer Associate, AWS Advanced Networking Specialty, or equivalent certifications.
-Experience in designing and supporting IL4/IL5 cloud environments for DoD or DHS.
-Knowledge of software-defined networking (SDN), microsegmentation, and container networking (e.g., AKS/EKS).
-Familiarity with Palo Alto, Versa, or other advanced third-party firewall solutions in cloud.
-Experience integrating ICAM and network controls in a Zero Trust architecture.
-Strong communication and presentation skills for interfacing with senior stakeholders.
________________________________________________________________________________________
What You Can Expect:
A culture of integrity.
At CACI, we place character and innovation at the center of everything we do. As a valued team member, you’ll be part of a high-performing group dedicated to our customer’s missions and driven by a higher purpose – to ensure the safety of our nation.
An environment of trust.
CACI values the unique contributions that every employee brings to our company and our customers - every day. You’ll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.
A focus on continuous growth.
Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground — in your career and in our legacy.
Your potential is limitless. So is ours.
Learn more about CACI here.
________________________________________________________________________________________
Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here.
Since this position can be worked in more than one location, the range shown is the national average for the position.
The proposed salary range for this position is:
$105,100-$231,100CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.