Cloud Computing Engineer II (Network Engineer)

Posted:
10/6/2024, 5:00:00 PM

Location(s):
Illinois, United States ⋅ Chicago, Illinois, United States

Experience Level(s):
Mid Level ⋅ Senior

Field(s):
IT & Security ⋅ Software Engineering

Workplace Type:
Hybrid

The Cloud Computing Engineer owns the designs, development, configuration and delivery of cloud infrastructure environments a variety of applications across BCBSA using best practices and business acumen. This role includes managing the technological aspects associated with one or more of the following: cloud computing technology stack, including architecture, security, design, planning, management, maintenance, support, storage and backup. The scope of the role includes the extensive knowledge of on premise (private), off-premise (public) and hybrid cloud models along with cloud implementation service models (IaaS, PaaS and SaaS). May manage the technologies and techniques to automate the provisioning and management of software defined infrastructure in a distributed cloud environment through scripting and coding. Lead/oversee the cloud infrastructure environment construction and implementation during the life cycle of the solutions. Evaluate the success of architecture, network, security and environment designs as they are implemented. Evaluate strengths and flaws in architecture, network, security and environment designs for continuous improvement. Communicate with management and technical personnel on cloud adoption and usage topics on a continuous basis. May be required to represent EIT in a project as a technical lead. May be required to coordinate with other EIT personnel.

  • Efficiently translate project requirements from architecture/environment diagrams to formulate appropriate questions to identify and remediate design gaps. Review and analyze architecture level security solutions at the domain or product level to transform them into cloud infrastructure designs and implementations. Establish strategic relations with key technology vendors in order to influence changes in future product releases. Must have experience with cloud technologies including but not limited to compute, storage, network, and databases.
  • Drive the design of self-healing and fault-tolerant cloud services and infrastructure environments with best practice configurations for a wide variety of systems including databases, web services and messaging systems, and other application support environments. Efficiently translate project requirements from architecture/environment diagrams to formulate appropriate questions to identify and remediate design gaps. Review and analyze architecture level security solutions at the domain or product level to transform them into cloud infrastructure designs and implementations. Establish strategic relations with key technology vendors in order to influence changes in future product releases. Must have experience with cloud technologies including but not limited to compute, storage, network, and databases.
  • Accountable for conducting research and benchmarks best practices and/or products in the area of cloud technologies. Routinely gathers and assesses changing BCBSA business needs. Analyzes and modifies enterprise technology strategy and architecture. Analyzes how business processes interact with technology to create value for the business. Maintains knowledge of cloud technologies, trends, and standards. Provides input to the content of Requests for Information / Proposal (RFI/P) around the BCBSA technology architecture / infrastructure requirements and guiding principles. Conducts trend analyses to track emerging industry trends and technologies. Research, and assist in the piloting the evaluation of new tools, technologies, and/or processes to maintain and enhance the critical system infrastructure.
  • Manages cloud configuration to ensure systems are up-to-date to latest security patches and operational resilience to incidence. Work with EIT staff to plan and ensure updates are conducted on a timely basis across all Enterprise systems. Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks. Possesses a thorough understanding of cloud security fundamentals, such as; Encryption, Key Management, Identity to/from the cloud, shared cloud security, logging and monitoring cloud infrastructure. Automate the process of patching and vulnerability remediation. Continually evaluate new cloud infrastructure threats with associated mitigating designs and their impact on IT and Business operations always balancing these needs to develop and implement the best security solutions for the business.
  • Owns development of cloud computing templates and implementation guidance for applications that leverage IaaS solutions to meet BCBSA use cases. Integrate application design strategies to include the design of loosely coupled cloud resources to allow for a redundant and resilient end user application design. Assist in performance improvements while ensuring security controls are in place protecting the network and data. Work with EIT staff including Enterprise Architect, Delivery teams, core computing and application support team to ensure adequate system performance based on business requirements and industry best practices.
  • Documentation of new cloud computing Application design guidelines for both new business applications and the porting of existing BCBSA Business applications to align with a cloud model. Participate and conduct liaison activities in reviewing the application designs, providing recommended alterations to designs, and partnering with enterprise architects to transform current application design principles to be more cloud aligned. Coordinate and/or complete the development of all necessary design documentation associated with cloud service solutions. These are to include all aspects of cloud solutions such as application resiliency, disaster recovery, build book creation, and run book creation
  • Independently use judgment and takes action on it to build credibility with clients and technical staff through the delivery of sound cloud based business solutions. Consults with business and Enterprise IT Leadership and project staff to fit systems to solutions and identify when it is necessary to modify technical infrastructure to accommodate project needs.
  • Leads projects in close collaboration with network and application security engineers to assure BCBSA applications and systems are designed and configured to conform to general and product/application specific security architectures and to the security polices, guidelines and best practices provided by the Business Protection group for the protection of sensitive healthcare data. Owns service design and pricing in the context of cloud-based suctioning
  • May drive the design of self-healing and fault-tolerant cloud services and infrastructure environments with best practice configurations for a wide variety of systems including databases, web services and messaging systems, and other application support environments.
  • May lead the ongoing administration, maintenance, and problem resolution of existing SAN/NAS storage infrastructure and related software. Design, implement, and maintain SAN and NAS storage appliances/solutions for use by Cloud and other compute infrastructure. Configure data protection using Snapshots and SnapMirror, and manage Aggregates, Volumes, and LUNs on NetApp filers. Execute data migration to cloud environments using ONTAP, defining migration objectives and utilizing appropriate tools.

Education

  • Required: High School
  • Preferred: Bachelors Degree; Bachelor's Degree in Computer Science, Information Security, related discipline or equivalent experience in the field.
  • Preferred: Masters Degree


Certifications

  • Certification in one Cloud Platform (AWS or AZURE preferred)


Experience

  • 8+ years or more of enterprise-level Infrastructure consulting or implementation experience.
  • 5+ years experience in a network focused hands-on technical role working with routing protocols/technologies and platforms in large scale data center and/or WAN network environments.
  • 5+ years experience in a technical on-call capacity, responding to customer impacting events, mitigating and root cause analysis of those events.
  • 5+ years experience developing engineering, deployment, or operations mechanisms to support IP network and/or networking systems.- Thorough understanding of TCP/IP networking, IP routing, Server Load Balancing, and Network Security architecture and core technologies such as IP, TCP, OSPF/IS-IS, BGP, MPLS, Server Load Balancers, Firewalls, ACLs, DNS, DHCP, IPAM, LDAP, NFS, etc.
  • Experience leading network projects in the areas of network sustaining engineering, network deployment/implementation, network scaling, technology refresh, best practices application, and/or network optimization.
  • Experience leading the engineering and evolution of highly available networks in cloud (especially AWS) and on-prem data centers.
  • Experience working with dev ops teams to automate network deployment and operations.
  • Experience troubleshooting network routing, interconnectivity, platforms, performance, and configurations issues; including necessary low level application interaction, Unix systems, and new age networking software tools.


 

Skills

  • Experience with Chef, Puppet, Ansible, Powershell or other automation environments and scripting technologies.
  • Experience moving workloads from on premise to IaaS (Openstack, AWS, Rackspace, Azure, Druva etc.)
  • Networking experience, including VPN configuration is a requirement.
  • Familiar with Containerization
  • Experience with network technologies and with system, security, and network monitoring tools
  • Advanced working knowledge of the technical aspects of:
  • Application protocols, such as HTTP(S), SMTP, SSL, and DNS
  • Common applications of cryptography, such as X.509 PKI, PGP, etc.
  • Knowledge of Active Directory
  • Security event and log management
  • Identity and access management
  • Encryption in the cloud
  • Thorough understanding of the latest security principles, techniques, and protocols


People Management

No

#LI_HYBRID