AWS Platform Architect

About The Position

Requirements

• Bachelor’s degree in Computer Science, Engineering, or equivalent professional experience; AWS certifications (Solutions Architect Pro or Security Specialty) are highly preferred.
• 7+ years of experience in Cloud Infrastructure or Platform Engineering, with a proven track record of leading multi-tenant AWS data platforms and event-driven architectures.
• Expert-level hands-on proficiency with AWS core services (S3, Glue, Redshift, Lake Formation, IoT Core, KMS) and authoring complex Terraform modules with remote state management.
• Deep experience building and maintaining CI/CD pipelines for infrastructure, including environment promotion (Dev/Stage/Prod), drift detection, and automated validation.
• Solid networking fundamentals, including VPC design, PrivateLink, and identity federation patterns (SAML/OAuth2/mTLS).
• Demonstrated ability to design airtight data isolation at scale (ABAC/RBAC) and produce builder-ready technical standards such as Architecture Decision Records (ADRs).
• Strong financial acumen with the ability to track AWS spend against cost models and drive optimization through resource tagging and architectural efficiency.

Responsibilities

• Lead AWS platform design (VPC, IAM, networking) and define S3 storage patterns across Bronze, Silver, and Gold medallion layers; produce Architecture Decision Records (ADRs) with explicit trade-off rationale.
• Author production-ready Terraform modules with state management and remote backends; implement multi-tenant security (ABAC/RBAC, Lake Formation row/column filters, and KMS encryption).
• Ensure strict tenant isolation across storage and compute layers; design real-time service layers spanning IoT Core, AppSync, and EventBridge/Kinesis with mTLS and secure protocols.
• Serve as the primary technical authority for all cloud infrastructure decisions; lead technical sessions with enterprise security, IT, and DevOps teams to ensure architectural conformance.
• Define and document reference blueprints, CDC/streaming partitioning strategies, operational runbooks, cost-tagging standards, and CloudWatch observability patterns.