Key skills
AWSAzureTerraformKubernetesDockerAnsibleServerlessEKSAKSEC2GitHubRepositoryServiceNowCI/CDFirewall
About this role
Cognizant is seeking a DevOps Platform Engineering Lead to establish an AWS Cloud Center of Excellence and transition from traditional operations to a product-led platform engineering model. The role involves designing secure cloud patterns, CI/CD standards, and automation frameworks to enhance developer efficiency while ensuring security and scalability.
Responsibilities:
- Lead the design and build-out of the AWS Cloud Center of Excellence, helping shift cloud operations from a ticket-based model to a product-led platform engineering model
- Define the platform strategy, standards, and reusable patterns that enable development teams to provision secure, scalable, and cost-efficient cloud infrastructure
- Design and deliver the top 3 to 5 golden paths for common application and infrastructure patterns, including Kubernetes, serverless, and VM-based workloads
- Create reusable Infrastructure as Code templates using Terraform and/or Ansible, with embedded standards for security, networking, monitoring, tagging, and governance
- Build standardized networking templates, including subnets, routing tables, security groups, endpoints, NAT gateways, and firewall patterns
- Automate the creation of golden images, including AMI standards, EC2 Image Builder pipelines, OS hardening, vulnerability scanning, and image lifecycle controls
- Establish Kubernetes and serverless platform foundations for modern application hosting, including Amazon EKS and/or Azure AKS
- Define Kubernetes platform baselines, including private endpoints, RBAC/AD integration, node pools, autoscaling, encryption at rest, audit logging, security controls, and monitoring
- Create container standards, including Dockerfile baselines, container base image strategies, vulnerability scanning, SBOM generation, image signing, and promotion gates
- Define infrastructure image management standards, including base OS images, application-specific images, patching cadence, deprecation policies, and CVE response SLAs
- Define CI/CD standards for infrastructure provisioning and application deployment, including branching strategy, pull request standards, approval gates, automated testing, rollback patterns, and artifact management
- Implement policy-as-code controls using tools such as OPA, Conftest, Sentinel, Azure Policy, or AWS Service Control Policies
- Create self-service platform capabilities using tools such as Backstage and/or ServiceNow so developers can access approved templates, tools, and platform services
- Partner with application, infrastructure, security, and architecture teams to drive adoption of AWS DevOps, DevSecOps, and platform engineering standards
Requirements:
- 8+ years of experience in AWS DevOps, DevSecOps, platform engineering, cloud architecture, or infrastructure automation, with experience defining standards or leading platform engineering initiatives
- Proficiency with Amazon Kubernetes Services, including Amazon EKS
- Deep knowledge of DevSecOps practices, including security automation, vulnerability scanning, policy enforcement, compliance checks, and secure deployment patterns
- Proven background designing and implementing CI/CD standards, including pipeline design, branching strategies, approval workflows, release promotion, and rollback approaches
- Hands-on proficiency with Ansible and/or Terraform for Infrastructure as Code
- Strong experience with AWS DevOps, including cloud automation, infrastructure provisioning, deployment automation, monitoring, and governance
- Proficiency with GitHub, including repository standards, pull request practices, code owners, approval rules, and CI/CD integration
- Experience creating golden paths, reusable templates, standardized networking patterns, golden images, and self-service platform capabilities
- Knowledge of infrastructure image management, including AMIs, EC2 Image Builder pipelines, patching standards, vulnerability scanning, and image lifecycle controls
- Background with Kubernetes and serverless hosting patterns, including security, monitoring, scalability, and operational controls
- Working knowledge of containerization, Docker, container base images, and artifact repositories such as ECR, ACR, Artifactory, or similar platforms
- Strong understanding of cloud networking patterns, including subnets, routing tables, security groups, endpoints, NAT gateways, firewall patterns, and private connectivity
- Ability to partner with cross-functional teams to define standards, drive adoption, and support a product-led platform engineering model
- Background in helping establish or mature an AWS Cloud Center of Excellence
- Exposure to building internal developer platforms or self-service platform capabilities
- Experience with Backstage and/or ServiceNow
- Working knowledge of policy-as-code tools such as OPA, Conftest, Sentinel, Azure Policy, or AWS Service Control Policies
- Experience with SBOM generation, image signing, artifact promotion, and software supply chain security
- Familiarity with blue/green deployments, canary releases, progressive delivery, Argo Rollouts, Flagger, or feature flag strategies
- Experience supporting Kubernetes, serverless, and VM-based application patterns
- Experience creating documentation, reference architectures, starter templates, and developer enablement materials