Cloud Architect

DMI is a leading provider of digital services and technology solutions, headquartered in Tysons Corner, VA. With a focus on end-to-end managed IT services, including managed mobility, cloud, cybersecurity, network operations, and application development, DMI supports public sector agencies and commercial enterprises around the globe. Recognized as a Top Workplace, DMI is committed to delivering secure, efcient, and cost-effective solutions that drive measurable results. Learn more at www.dminc.com

The Cloud Architect serves as the principal technical authority for designing, planning, and overseeing the migration of business services and mission systems/applications from on-premises infrastructure to the an established Virtual Private Cloud (VPC) on the Microsoft Azure-based sovereign cloud environment. This role is critical to the contract's objective: transitioning operations across unclassified and classified domains (NIPRNet, SIPRNet, and JWICS) utilizing remote desktop capabilities moving into the cloud, while maintaining uninterrupted on-premises operations throughout the migration.

The Cloud Architect must balance the dual mandate of sustaining current on-premises operations while architecting and executing a phased cloud migration that ramps cloud-specific skill sets from contract inception and levels off over the five-year timeframe. As on-premises personnel migrate to cloud roles or transition out, this position ensures the right skill sets are in place at the right time.

2. Duties and Responsibilities

2.1 Cloud Migration Architecture and Planning
* Design and develop the end-to-end cloud migration architecture for transitioning NCIS on-premises systems to the Defense-centric Azure-based sovereign VPC across NIPR, SIPR, and JWICS domains.
* Conduct thorough assessment of existing on-premises systems, applications, databases, and infrastructure to develop detailed migration plans with phased timelines per network domain.
* Architect scalable, secure, and compliant cloud solutions that leverage DON Nautilus capabilities, ensuring alignment with DoD, Navy, and IC directives, policies, and reference architectures.
* Design cloud-native architectures incorporating high availability, disaster recovery, data security, micro-segmentation, Zero Trust principles, and multi-factor authentication.
* Develop and maintain cloud migration and development documentation and plans.
* Ensure minimal disruption to operations during migration and provide post-migration support to optimize application performance, scalability, and security.

2.2 Cloud Application Architecture
* Architect cloud-native applications and oversee migration of existing applications to the Azure VPC environment, ensuring scalability, security, and performance optimization.
* Define and enforce modern development practices including Agile methodologies, CI/CD pipelines, and containerization using Docker and Kubernetes.
* Architect the transition from on-premises Microsoft products (Outlook, SharePoint, MS Office, Visio) to cloud-based O365 products and capabilities including PowerApps, SharePoint Online, and InTune for mobile device management.
* Design integration patterns between cloud-based services and existing on-premises systems during the phased transition period.
* Support development of mission applications within the VPC environment, including account management, Service Desk integration, and cloud cost model management.

2.3 Enterprise Architecture and Technology Standards
* Define and maintain the Enterprise Architecture across the NCIS Enterprise as it relates to cloud infrastructure, ensuring alignment with DoD Architecture Framework (DODAF) and approved EA frameworks such as TOGAF or Zachman.
* Develop and maintain technology standards and roadmaps across key cloud technology domains, evaluating emerging technologies based on mission requirements, operational effectiveness, and lifecycle cost.
* Develop and maintain architecture artifacts including modeling, diagrams, and documentation; update and maintain the NCIS repository for architecture artifacts.
* Support the Government in managing the full technology lifecycle from initial cloud adoption through sustainment and eventual on-premises decommissioning.
* Identify and promote adoption of emerging cloud technologies and innovative solutions; develop options for process improvement.

2.4 Cloud Infrastructure and Security
* Architect virtualization platform migrations from on-premises VMware to Azure cloud, ensuring high availability, performance, and scalability of virtualized infrastructure.
* Design cloud storage architectures to transition SAN/NAS infrastructure to cloud-based storage solutions, ensuring data integrity, recoverability, and compliance.
* Ensure all cloud architectures comply with ICD 505, Risk Management Framework (RMF), NIST standards, DISA STIGs, and Security Requirements Guides (SRGs).
* Architect cloud security controls including firewalls, IDS/IPS, endpoint detection and response (EDR), SIEM integration, and data loss prevention in the VPC environment.
* Support Assessment and Authorization (A&A) activities for cloud systems, including development of System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms).
* Architect Comply to Connect (C2C) and Zero Trust implementation within the cloud environment, including least privilege access controls and continuous monitoring.

2.5 Data Architecture and Cloud Data Services
* Design scalable and secure data architectures at conceptual, logical, and physical levels optimized for cloud performance and growth, leveraging cloud-native technologies.
* Architect the transition of data from on-premises to cloud-based platforms, ensuring data security and compliance with federal, DoD, and CJIS policies throughout the migration.
* Design hybrid data solutions combining data lakes and data warehouses within the VPC, supporting structured, semi-structured, and unstructured data handling.
* Architect data federation and real-time data integration strategies enabling seamless access across multiple systems without physical data movement.
* Ensure cloud data architectures comply with DoJ CJIS standards, NIEM Open framework, Privacy Act requirements, and CUI Program requirements for law enforcement data.

2.6 Collaboration, Stakeholder Engagement, and Knowledge Transfer
* Collaborate with stakeholders across the organization to gather business and technical requirements, ensuring architectural decisions are informed, transparent, and aligned with mission objectives.
* Communicate architecture plans, decisions, and recommendations to senior leadership through formal presentations, briefings, and documentation.
* Provide mentorship and guidance to other IT professionals, promoting architectural principles, best practices, and standards to foster technical excellence.
* Coordinate with the government workforce throughout the cloud transition, ensuring skill set alignment and smooth personnel transitions between on-premises and cloud operations.
* Provide training to internal personnel on the new cloud environment and ensure successful integration of cloud-based services with existing systems.
* Participate in Integrated Project Team (IPT) working groups and facilitate issue resolution related to cloud migration efforts.

Bachelor's degree in Computer Science, Information Technology, Cloud Computing, Systems Engineering, or related technical discipline from an accredited institution.
• Master's degree in a related field preferred and may substitute for one (1) year of experience.

• Minimum eight (8) years of progressive IT experience, with at least five (5) years in enterprise cloud architecture, design, and deployment.
• Minimum three (3) years of demonstrated experience with Microsoft Azure cloud platform, including Azure Virtual Private Cloud, Azure Active Directory, Azure Security Center, and Azure DevOps.
• Demonstrated experience architecting and executing large-scale cloud migrations (500+ users, multi-application environments) from on-premises to cloud infrastructure.
• Experience working across multiple classification domains (NIPRNet, SIPRNet, JWICS) in a DoD or Intelligence Community environment.
• Experience with virtualization technologies including VMware vSphere/ESXi, Hyper-V, and cloud-based virtual infrastructure management.
• Experience designing and implementing hybrid cloud architectures supporting phased migrations with concurrent on-premises and cloud operations.
• Demonstrated experience with federal government IT environments, preferably DoD or law enforcement agencies.
• Experience with enterprise data migration strategies including ETL processes, data validation, and data integrity assurance across classification boundaries.

• CompTIA Security+ CE (or higher IAT/IAM Level II/III certification per DoD 8140/SECNAV M-5239.2) - must be current at time of performance start.
• Microsoft Certified: Azure Solutions Architect Expert (AZ-305) or equivalent Azure architecture certification.
• Must meet DON Cyber IT/Cybersecurity Workforce (CWF) baseline certification requirements.
• CWF specialty code-related training must be completed within six (6) months of reporting.

• Active Top Secret (TS) clearance with Sensitive Compartmented Information (SCI) eligibility at contract start.
• Must be eligible and adjudicated to the SCI level within six (6) months of start.
• Must be willing to undergo Counterintelligence (CI) Polygraph if identified post-award.
• Must sign Non-Disclosure Agreement per DFARS 227.7103-7.

• Experience with DON Flankspeed platform and Nautilus capabilities.
• Microsoft Certified: Cybersecurity Architect Expert (SC-100).
• AWS Certified Solutions Architect or Google Cloud Professional Cloud Architect (multi-cloud perspective).
• TOGAF 9 or Zachman Enterprise Architecture certification.
• Experience with O365 migration at enterprise scale including Exchange Online, SharePoint Online, PowerApps, Teams, and InTune MDM.
• Experience with CJIS Security Policy compliance and Criminal Justice Information Services environments.
• Certified Kubernetes Administrator (CKA) or Docker Certified Associate.
• Experience with FedRAMP authorization processes and cloud security compliance frameworks.
• ITIL v4 Foundation or higher certification.
• PMP or equivalent project management certification.
• Experience with SAN/NAS to cloud storage migration strategies.
• Experience supporting law enforcement or counterintelligence IT operations.
• Knowledge of NIEM Open framework for data interoperability.

#LI-MS3

DMI is a diverse, prosperous, and rewarding place to work. Our culture is shaped by five core values that guide how we work, grow, and succeed together:

• Do What's Right - We lead with honesty and integrity.
• Own the Outcome - We take responsibility and deliver.
• Deliver for Our Customers - We are relentless about delivering value.
• Think Bold, Act Smart - We innovate with purpose.
• Win Together - We collaborate and celebrate our success.

These values aren't just ideals-they show up in how we support every part of your well-being:

• Convenience/Concierge - Virtual health visits, commuter perks, pet insurance, and entertainment discounts that make life easier.
• Development - Annual performance reviews, tuition assistance, and internal career growth opportunities to help you thrive.
• Financial - Generous 401(k) matches, life and disability insurance, and financial wellness tools to support your future.
• Recognition - Annual awards, service anniversaries, referral bonuses, and peer-to-peer shoutouts that spotlight your achievements.
• Wellness - Healthcare coverage, wellness programs, flu shots, and biometric screenings to support your health.

DMI values employees for their talents and contributions, and we take pride in helping our customers achieve their goals. Because when we live our values, we all win together.

***************** No Agencies Please *****************

Applicants selected may be subject to a government security investigation and must meet eligibility requirements for access to classified information. US citizenship may be required for some positions.