About the position
We are seeking an experienced AWS Engineer with strong architectural and hands-on engineering expertise to help design, build, and deploy a mirrored AWS environment based on our current production ecosystem. This role involves standing up a new AWS landing zone, implementing secure and scalable infrastructure, and enabling automated deployments through best-in-class IaC and DevOps practices.
This is a highly technical, onsite role requiring close collaboration with internal engineering, security, and operations teams to ensure all cloud services, policies, and configurations align with enterprise standards.
Responsibilities
• Architect and build a new AWS environment that mirrors the existing production deployment.
• Develop and configure AWS Control Tower landing zones, guardrails, and multi-account governance.
• Implement AWS Config, resource compliance rules, and continuous monitoring across the new environment.
• Create, refine, and enforce IAM policies, including SCPs, identity permissions, and role-based access models.
• Build infrastructure using CloudFormation and Terraform to ensure fully automated, repeatable deployments.
• Design and configure AWS networking, including VPCs, subnets, routing, security groups, peering, transit gateways, and hybrid connectivity (if needed).
• Support and enhance DevOps pipelines used to deploy, test, and manage the new AWS environment.
• Write, maintain, and optimize Python scripts for automation, resource configuration, and operational tooling.
• Collaborate with security, operations, and application teams to validate environment integrity and readiness.
• Troubleshoot cloud infrastructure issues and implement cloud engineering best practices.
Requirements
• 8-10+ years of hands-on AWS engineering experience in enterprise-scale environments.
• Expertise in AWS architecture, multi-account environments, and secure cloud design.
• Strong experience with Control Tower, AWS Config, and centralized governance.
• Deep understanding of IAM, SCPs, identity federation, and cloud security best practices.
• Proficiency in CloudFormation and Terraform (IaC).
• Advanced knowledge of AWS networking (VPC, routing, security groups, NACLs, Direct Connect, VPN).
• Solid DevOps background, including CI/CD pipelines, automated deployments, and environment management.
• Strong Python programming for automation and tooling.
• Ability to work onsite, collaborate cross-functionally, and deliver quality infrastructure quickly.
Nice-to-haves
• AWS Certifications (Solutions Architect, DevOps Engineer, or Security Specialty)
• Experience migrating or replicating enterprise cloud environments.
• Knowledge of monitoring, observability, and logging tools (CloudWatch, OpenSearch, etc.).