Key skills
GoGolangAWSTerraformDockerJenkinsGitHub ActionsServerlessVaultECSEKSEC2LambdaS3RDSIAMCloudWatchAPI GatewayPrismaGitGitHubServiceNowCI/CDChange ManagementCommunicationNetwork SecurityCloud Security
About this role
CBTS is searching for an experienced AWS Cloud Platform Engineer to support its enterprise AWS environment. The role focuses on day-to-day cloud platform operations including AWS account lifecycle management, infrastructure provisioning, VPC networking, and security controls enforcement.
Responsibilities:
- Provision and manage AWS accounts, services, and decommissioning within AWS
- Perform VPC provisioning, upgrades, and configuration management using Terraform
- Manage Transit Gateway attachments, route table configurations, and cross-account network connectivity
- Support compute infrastructure including EC2 fleet management, Auto Scaling Groups, and load balancer configurations
- Fulfill infrastructure change requests through ITSM processes and formal change management
- Develop, maintain, and troubleshoot Terraform configurations for AWS infrastructure provisioning
- Work within Terraform Cloud workspaces with policy-as-code enforcement
- Leverage and contribute to internal Terraform modules, guardrails and standardized workflows
- Implement and maintain Service Control Policies (SCPs), IAM policies and least privilege access models
- Enforce encryption and data protection standards (EBS, RDS, S3, KMS)
- Triage and remediate findings from cloud security posture management (CSPM) tools, vulnerability scans, and drift detection
- Manage VPC endpoint configurations, PrivateLink connectivity, and network security controls
- Monitor and respond to alarms, security findings, and AWS Config rule violations
- Support FinOps practices including cost/budget monitoring and enforcement, and resource optimization recommendations
- Participate in on-call rotation for cloud platform support
- Collaborate with application teams, security, and enterprise architecture stakeholders
- Maintain operational runbooks, SOPs, and technical documentation
- Document infrastructure decisions, configurations, troubleshooting procedures, and customer support guides
Requirements:
- 5 – 10 years of hands-on experience in cloud infrastructure engineering (AWS-focused)
- Demonstrated experience with Terraform (HCL) and IaC lifecycle management
- Deep working knowledge of AWS core services: VPC, EC2, Lambda, S3, RDS, IAM, KMS, CloudWatch, CloudTrail, Route 53, API Gateway, ELB (ALB/NLB), Transit Gateway
- Experience operating multi-account AWS environments using AWS Organizations and SCPs
- Proficiency in IAM policy design, cross-account access patterns, and least-privilege principles
- Experience with CI/CD pipelines (Terraform Cloud, Jenkins, GitHub Actions, or equivalent)
- Experience with Git-based workflows (branching strategies, pull requests, code reviews) in GitHub Enterprise or similar
- Experience working in regulated or enterprise environments with formal change management (ServiceNow or equivalent ITSM)
- Strong troubleshooting and problem-solving skills for complex, multi-account AWS environments
- Excellent written and verbal communication skills; ability to produce clear technical documentation
- AWS Certifications: Solutions Architect (Associate or Professional), SysOps Administrator, DevOps Engineer, Security Specialty, or equivalent cloud certifications
- Cloud Service Evaluation & Governance: Experience evaluating, securing, and onboarding new cloud services for enterprise adoption
- Experience with CSPM tools (Prisma Cloud, AWS Config, or similar)
- Experience with policy-as-code frameworks (Sentinel or similar)
- Experience working in financial services or other highly regulated industries
- Familiarity with containerization (ECS, EKS, Docker) and serverless architectures
- Familiarity with HashiCorp Vault for secrets management and credential brokering
- FinOps / Cloud Cost Optimization: Experience with AWS Cost Explorer, Budgets, cost allocation tagging strategies, right-sizing, and Savings Plans
- Working knowledge of Go (Golang)