Job Description
We are seeking a Cloud Engineer with a strong background in infrastructure automation, platform observability, and cost optimization at scale. This is not a plug-and-play role. You’ll work closely with our architects to redesign and implement a multi-account AWS environment that supports ephemeral workloads, advanced IAM policies, and a tightly controlled security boundary.
If your idea of cloud engineering is spinning up EC2 instances and calling it a day, this is not the role for you.
What You’ll Do
- Re-architect our AWS Organization structure to support better blast-radius control and billing separation
- Own the lifecycle of Terraform modules: authoring, refactoring, versioning, and documentation
- Develop cross-account IAM policies using least-privilege principles, and implement federation with OIDC/SAML providers
- Design and implement a shared services VPC with centralized logging, monitoring, and DNS
- Collaborate with security engineering to implement SCPs, guardrails, and automated remediation for drift and non-compliant resources
- Containerize legacy services and migrate them to EKS with appropriate network and security configurations
- Set up workload identity federation for GitHub Actions and other CI/CD pipelines
- Implement resource tagging strategies and cost anomaly detection workflows integrated with AWS Cost Explorer or CloudHealth
- Build self-service tooling for developers to provision infrastructure safely using GitOps workflows
- Monitor and reduce cold start times for Lambda functions by tuning runtime configurations and package sizes
Requirements
- 3+ years of experience building and managing infrastructure in AWS using Terraform (not CloudFormation or CDK)
- Demonstrable experience with multi-account AWS Organizations and Control Tower, including landing zone setup
- Strong understanding of VPC networking, Transit Gateway, and PrivateLink integrations
- Hands-on experience with EKS, Fargate, and implementing network policies using Calico or Cilium
- Deep knowledge of IAM, including assume-role chains, permissions boundaries, and session policies
- Experience implementing Open Policy Agent (OPA) or Conftest for infrastructure policy enforcement
- Familiarity with FinOps practices – must be able to read a billing report and trace charges to specific resources
- Fluency in Python, Go, or another language for writing CLI tools and automation scripts
- Comfortable participating in an on-call rotation and troubleshooting production incidents related to cloud services
Nice to Have
- AWS Certified Solutions Architect – Professional
- Experience with alternative cloud providers (GCP or Azure) and multi-cloud design patterns
- Experience migrating monolithic services to event-driven architectures using SQS, SNS, or Kinesis
- Contributions to open-source IaC or DevOps tools
Are you interested in this position?
Apply by clicking on the “Apply Now” button below!