GPS - Azure Cloud Platform Engineer - Supervising Associate Security Clearance

Position: GPS - Azure Cloud Platform Engineer - Supervising Associate with Security Clearance
At EY, we're all in to shape your future with confidence. We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. From strategy to execution, the Government & Public Sector (GPS) practice of Ernst & Young LLP provides a full range of consulting and audit services to help our Federal, State, Local and Education clients implement new ideas to help achieve their mission outcomes.

We deliver real change and measurable results through our diverse, high-performing teams, quality work at the highest professional standards, operational know-how from across our global organization, and creative and bold ideas that drive innovation. We enable our government clients to achieve their mission of protecting the nation and serving the people; increasing public safety; improving healthcare for our military, veterans and citizens;

delivering essential public services; and helping those in need. EY is ready to help our government build a better working world. Our GPS Technology Organization is a structure within the US GPS practice that implements and maintains a new operate and technology model designed specifically to support U.S. defense and Government engagements. The opportunity This is a remote opportunity that can be performed within Continental United States.

This role focuses on:

* Designing cloud platform architectures and infrastructure as code for secure Azure / Azure Gov environments

* Building Dev Sec Ops  automation and CI/CD pipelines

* Enabling containerized workloads and hardened base images at scale

* Helping teams adopt modern cloud practices without accumulating technical debt

You'll collaborate with architects, security teams, and product managers, and coach junior engineers in a highly regulated mission environment. You'll thrive in this role if you're a self-starter who's comfortable with ambiguity, likes to automate wherever it makes sense, and is committed to continuous learning and helping others grow. What you'll do Cloud Platform & Infrastructure as Code (IaC)

* Design and maintain reusable IaC (Bicep, ARM templates) for scalable, secure Azure / Azure Gov environments

* Implement and improve Azure Policies and initiatives to enforce standards and guardrails

* Apply modern engineering and security standards across platform components

Containers & Dev Sec Ops

* Engineer, automate, and deploy platform solutions and applications using platforms such as Kubernetes, Azure Kubernetes Service (AKS), Azure Container Apps, with supporting technologies like Docker or Helm

* Develop and maintain base container images and hardened OS images aligned to DISA STIGs and other security baselines

* Evolve and promote Dev Sec Ops  practices across teams

Automation & CI/CD

* Build and operate CI/CD pipelines using Azure Dev Ops, Git, and automation tooling (e.g., Ansible)

* Automate repeatable infrastructure and application deployment tasks

* Use both manual and automated quality controls to ensure reliable releases

Operations, risk & collaboration

* Troubleshoot and remediate issues in cloud and container platforms

* Identify and communicate risks, assumptions, issues, and decisions throughout the product lifecycle

* Document and improve processes, and collaborate closely with product managers, architects, and security teams

* Mentor junior engineers and help build a high-performing Dev Sec Ops  culture

What you bring (required)

* Bachelor's degree in Computer Science, IT, or equivalent experience

* Microsoft Certified:
Azure Administrator Associate (AZ-104)

* 5+ years in engineering roles working with private/public cloud IaaS, PaaS, and/or SaaS

* Eligibility to obtain and maintain a Top Secret security clearance
* Strong hands-on experience with (in order of importance):

* * Infrastructure as Code & CI/CD - designing and delivering with tools such as Bicep, Azure Dev Ops, ARM templates, or Ansible

* Containers and orchestration - experience building and running containerized workloads using technologies such as Docker, Kubernetes, Azure Kubernetes Service (AKS), Azure Container Apps, or Helm for packaging and deploying services at scale

* Networking fundamentals - strong foundation designing and troubleshooting VNets, subnets, network security groups (NSGs), routing (UDRs), and basic load-balancing scenarios, with enough depth to reason about hub-and-spoke or similar topologies and diagnose common connectivity issues

* Cloud security principles - solid understanding of concepts such as shared responsibility, least privilege, identity-driven security, network segmentation, encryption, and logging/monitoring, and how to apply them for customers driven by regulatory compliance requirements, such as: NIST, Fedramp

* Identity and access - understanding of Microsoft Entra , Azure RBAC, Entra , Privileged Identity Management (PIM), and managed identities for Azure resources

* Windows and Linux administration - hands-on experience…