Aws Cloud Architect

About The Position

Requirements

• 7+ years in infrastructure/solutions architecture, including on-prem networking, virtualization, and systems design.
• 3–5+ years in AWS and/or Azure architecture and provisioning (landing zones, VPC/VNet, IAM/AAD, storage, compute, Kubernetes or PaaS).
• Strong Terraform experience: modules, workspaces, remote state, registries, policy-as-code (OPA/Sentinel), and code reviews.
• Solid grasp of networking (CIDR, routing, VPN/ExpressRoute/Direct Connect, NAT, firewalls, DNS, private link/endpoints).
• Experience with CI/CD for IaC and app platforms (GitHub Actions, Azure DevOps, GitLab CI, or Jenkins).
• Security-first mindset: identity, least privilege, key management, encryption, secrets, compliance alignment (CIS/NIST/ISO).
• Observability: CloudWatch/CloudTrail, Azure Monitor/Log Analytics, Prometheus/Grafana, OpenTelemetry; incident response and SRE basics.
• Documentation & Diagrams: Strong ability to author ADRs, HLD/LLD, and present to both technical and non-technical audiences.

Nice To Haves

• Strong tool utilization- GitHub stands out
• Hands-on Terraform experience
• People that have used Terraform not just using templates that were already set up, but writing templates themselves from scratch
• On-prem to cloud integration experience
• Migration vs. integration – this is more of an integration AND migration vs just a pure migration effort
• There are going to be both on-prem and cloud solutions based on the application (need to have experience with multi-hosted environments)
• Analysis on what apps best fit which environment (external cloud would be great for this app b/c of XYZ, vs this which should stay bank hosted)
• OpenShift is nice to have, as well as monitoring experience – nice to have

Responsibilities

• Architect & Design: Create target state architectures, solution diagrams, and roadmaps for cloud-native and hybrid workloads (networking, compute, storage, identity, data, and edge).
• Infrastructure as Code (IaC): Lead Terraform module design, standards, and reusable patterns; implement CI/CD pipelines for IaC (e.g., GitHub Actions/Azure DevOps).
• Cloud Provisioning: Build and automate landing zones, VPC/VNet topologies, subnets, routing, firewalls, private endpoints, and service integrations in AWS or Azure.
• Security & Compliance: Embed controls (IAM/ABAC/RBAC, secrets management, encryption, policies/guardrails), align to frameworks (CIS/NIST), and partner with GRC.
• Resilience & Reliability: Architect for HA/DR, multi-AZ/region patterns, backups, and SLOs; implement observability (logs, metrics, traces) and performance tuning.
• Cost & FinOps: Right-size resources, leverage savings plans/reserved instances, tagging and showback/chargeback; drive continuous cost optimization.
• Technical Leadership: Create reference architectures, standards, and patterns; conduct design reviews and threat modeling; mentor engineers.
• Migration & Modernization: Lead discovery, assessment, and migration/modernization (rehost/refactor) of workloads into cloud landing zones.
• Stakeholder Enablement: Translate business needs into technical architectures; produce clear documentation, runbooks, and executive-ready diagrams.
• Governance & Platform: Contribute to platform engineering capabilities (golden images, service catalogs, self-service, policy-as-code).

Benefits

• Medical, dental & vision
• Critical Illness, Accident, and Hospital
• 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available
• Life Insurance (Voluntary Life & AD&D for the employee and dependents)
• Short and long-term disability
• Health Spending Account (HSA)
• Transportation benefits
• Employee Assistance Program
• Time Off/Leave (PTO, Vacation or Sick Leave)