AWS Platform Engineer

About The Position

Requirements

• AWS Expertise: Proven experience with AWS Organizations, Control Tower, and core services (Compute, Storage, Database).
• IaC Proficiency: Strong background in automating infrastructure with Terraform or AWS CDK.
• Observability Mindset: Experience setting up dashboards, alerts, and log aggregation.
• Problem Solver: Ability to manage PagerDuty rotations and lead root-cause analysis (RCA).
• Emerging Tech: Familiarity with LLM infrastructure and AI services (specifically AWS Bedrock) is a significant plus.
• Bachelor’s degree in Computer Science, Information Technology, or a related field (or equivalent experience).
• Minimum of 5+ years of experience in systems administration.
• Proficiency in AWS
• Deep understanding of TCP/IP networking, network protocols, and ports.
• Strong skills in computer and systems security best practices.
• Experience with scripting languages (PowerShell, Bash, Python).
• Excellent troubleshooting and problem-solving skills.
• Strong communication and teamwork skills.
• Relevant certifications (e.g. AWS Certified SysOps Administrator – Associate, Azure Administrator Associate, CompTIA Security+, CISSP) are highly desirable.

Nice To Haves

• Experience with automation tools (Ansible, Chef).
• Experience with security frameworks (NIST, ISO 27001).
• Experience with FedRAMP Moderate and High offerings from AWS

Responsibilities

• Cloud Governance & Architecture Account Provisioning: Set up and configure AWS tenant accounts in alignment with the AWS Well-Architected Framework.
• Security & Compliance: Enforce company security policies (IAM, SCPs, GuardDuty) to maintain a robust security posture across all environments.
• Resource Management: Enable, disable, and govern the usage of core AWS services for tenants, including S3, Lambda, and Postgres (RDS).
• AWS Bedrock Operations: Manage and monitor AWS Bedrock deployments, ensuring model access, throughput limits, and performance metrics are optimized for tenant needs.
• Governance: Implement guardrails for Generative AI usage within the tenant accounts.
• Infrastructure as Code (IaC): Establish and maintain IaC procedures (Terraform, CloudFormation, or Pulumi) to streamline deployment and enable seamless DevOps workflows.
• Incident Management: Configure and maintain PagerDuty integrations to ensure rapid response to infrastructure alerts and system health issues.
• Monitoring: Set up comprehensive monitoring and logging stacks using CloudWatch, X-Ray, or third-party tools to ensure 360-degree visibility.
• FinOps: Implement cost-allocation tags, budgets, and reporting to drive financial accountability and identify cost-saving opportunities for tenants.
• Manage and troubleshoot TCP/IP networking, including subnetting, routing, and network protocols (DNS, DHCP, HTTP/HTTPS, SSH).
• Analyze network traffic and diagnose network issues.
• Manage hybrid network connections.
• Implement and maintain computer and systems security best practices.
• Perform vulnerability management and patch management.
• Utilize security monitoring tools (SIEM, IDS/IPS).
• Respond to security incidents and perform malware analysis.
• Implement security auditing and compliance.
• Implement and maintain least privilege access.
• Provide prompt and professional technical support to end users.
• Clearly communicate technical information to non-technical users.
• Resolve user issues efficiently and effectively.
• Maintain a positive and helpful attitude.
• Mentor junior team members on technical skills and best practices.
• Provide guidance and support for career development.
• Share knowledge and expertise with the team.
• Attend scheduled maintenance windows every other month on the third Saturday.
• Participate in an on-call rotation to provide 24/7 support for critical systems.