Experience: 12+ years
Must Have:
- AWS EC2 architecture including instance types, placement groups, and Auto Scaling Group lifecycle management
- Cloud security controls: encryption, network isolation, identity management, policy enforcement
- EBS volume management, encryption enforcement, and snapshot lifecycle
- EC2 Image Builder pipelines: recipe configuration, component authoring, image testing, and cross-account AMI distribution
- Golden AMI lifecycle management: base image selection, CIS benchmark hardening, security agent integration (endpoint protection, vulnerability scanning), and automated image rotation/deprecation
- Infrastructure as Code principles and Terraform lifecycle management
- Launch template and Auto Scaling Group integration with AMI pipelines for fleet-wide image updates
- Linux/macOS command-line proficiency
- Proficiency in Python, Bash/Shell scripting
- Understanding of OS hardening standards (CIS Benchmarks), patch management, and image compliance
Nice To Have:
- AWS Certifications: Solutions Architect (Associate or Professional), SysOps Administrator, DevOps Engineer, Security Specialty, or equivalent cloud certifications
- Cloud Service Evaluation & Governance: Experience evaluating, securing, and onboarding new cloud services for enterprise adoption.
- Experience with CSPM tools (Prisma Cloud, AWS Config, or similar)
- Experience with policy-as-code frameworks (Sentinel or similar)
- Experience working in financial services or other highly regulated industries
- Familiarity with containerization (ECS, EKS, Docker) and serverless architectures
- Familiarity with HashiCorp Vault for secrets management and credential brokering
- FinOps / Cloud Cost Optimization: Experience with AWS Cost Explorer, Budgets, cost allocation tagging strategies, right-sizing, and Savings Plans
- Working knowledge of Go (Golang)
Duties and Responsibilities
Infrastructure Operations & Account Lifecycle
Infrastructure as Code (IaC)
Security & Compliance
Monitoring, Cost Management & Operational Support
optimization recommendations
Documentation & Knowledge Management
Minimum Knowledge, Skills, and Abilities Required
Required Experience (Must-Haves)
- 5-10 years of hands-on experience in cloud infrastructure engineering (AWS focused)
- Demonstrated experience with Terraform (HCL) and IaC lifecycle management
- Deep working knowledge of AWS core services: VPC, EC2, Lambda, S3, RDS, IAM, KMS, CloudWatch, CloudTrail, Route 53, API Gateway, ELB (ALB/NLB), Transit Gateway
- Experience operating multi-account AWS environments using AWS Organizations and SCPs
- Proficiency in IAM policy design, cross-account access patterns, and least-privilege principles
- Experience with CI/CD pipelines (Terraform Cloud, Jenkins, GitHub Actions, or equivalent)
- Experience with Git-based workflows (branching strategies, pull requests, code reviews) in GitHub Enterprise or similar
- Experience working in regulated or enterprise environments with formal change management (ServiceNow or equivalent ITSM)
- Strong troubleshooting and problem-solving skills for complex, multi-account AWS environments
- Excellent written and verbal communication skills; ability to produce clear technical documentation