AWS Solutions Architect

About The Position

Requirements

• Strong expertise in AWS architecture
• Strong expertise in MLOps
• Strong expertise in Generative AI
• Strong expertise in regulatory compliance (banking and financial services)
• Strong expertise in enterprise integration
• Ability to design and architect secure, scalable AWS solutions for core banking, digital banking, payments, risk management, fraud detection, and analytics platforms
• Ability to translate business, regulatory, and security requirements into compliant cloud architectures ensuring adherence to PCI-DSS, SOX, GDPR, SOC 2, Basel III, and local financial regulations
• Ability to architect secure network foundations using Amazon VPC components (subnets, Security Groups, NACLs, NAT Gateways, VPC Endpoints, Transit Gateway) and implement least-privilege access using IAM, IAM Identity Center, and IAM Access Analyzer
• Ability to implement encryption and secrets management strategies using AWS KMS, Secrets Manager, and Certificate Manager for data protection at rest and in transit
• Ability to design end-to-end MLOps pipelines using Amazon SageMaker (Pipelines, Model Registry, Projects, Feature Store, Clarify, Model Monitor) for automated model training, deployment, bias detection, and monitoring
• Ability to architect Generative AI solutions using Amazon Bedrock (foundation models from Anthropic, Meta, Cohere, AI21 Labs, Stability AI), Bedrock Guardrails for content filtering and hallucination prevention, Bedrock Knowledge Bases for RAG implementations, and Bedrock Agents for task automation
• Ability to design intelligent search and retrieval systems using Amazon Kendra (GenAI Index) for enterprise search, document discovery, and semantic search integrated with Bedrock Knowledge Bases and Amazon Q Business
• Ability to configure model customization and fine-tuning strategies using Bedrock Custom Model Import, prompt engineering, and Retrieval Augmented Generation (RAG) patterns with proprietary enterprise data
• Ability to implement AIOps and observability using Amazon DevOps Guru, CloudWatch (anomaly detection, Container Insights, Lambda Insights), X-Ray, and distributed tracing capabilities
• Ability to design high availability and disaster recovery solutions across multiple regions using Aurora Global Database, DynamoDB Global Tables, S3 Cross-Region Replication, and Route 53 failover
• Ability to lead application and data migrations from on-premises to AWS using Database Migration Service, Application Migration Service, and Storage Gateway
• Ability to architect containerized workloads using Amazon ECS, EKS, Fargate, and ECR with security scanning and orchestration best practices
• Ability to collaborate with InfoSec, Risk, Compliance, and Audit teams to implement security guardrails, conduct threat modeling, and maintain regulatory compliance
• Ability to enforce AWS Well-Architected Framework principles and guide DevOps teams on CI/CD pipelines using CodePipeline, CodeBuild, CodeDeploy, and Infrastructure as Code (CloudFormation, CDK, Terraform)
• Ability to implement governance and continuous compliance using AWS Config, Audit Manager, conformance packs, and centralized logging with CloudWatch Logs and OpenSearch
• Ability to optimize costs using Cost Explorer, Budgets, Savings Plans, Reserved Instances, Spot Instances, and S3 lifecycle policies
• Ability to design data lakes and analytics platforms using S3, Glue, Athena, EMR, Kinesis, and Redshift for real-time and batch processing
• Ability to implement centralized backup strategies using AWS Backup and automate operational tasks using Systems Manager, EventBridge, and CloudFormation
• Ability to document architecture designs, security controls, threat models, disaster recovery runbooks, and maintain architecture decision records for audit purposes

Nice To Haves

• AWS Certified Solutions Architect – Professional or Associate
• Experience with financial services regulations (PCI-DSS, SOX, GDPR, FFIEC, ISO 27001)
• Experience with encryption, key management (AWS KMS, HSM), and secrets management
• Knowledge of zero-trust architectures and defense-in-depth security models
• Experience with containerization and orchestration (Docker, Kubernetes, ECS/EKS)
• Familiarity with DevSecOps, CI/CD, and automated compliance controls
• Experience with disaster recovery and multi-region architectures

Responsibilities

• Design and architect secure, scalable AWS solutions for core banking, digital banking, payments, risk management, fraud detection, and analytics platforms
• Translate business, regulatory, and security requirements into compliant cloud architectures ensuring adherence to PCI-DSS, SOX, GDPR, SOC 2, Basel III, and local financial regulations
• Architect secure network foundations using Amazon VPC (subnets, Security Groups, NACLs, NAT Gateways, VPC Endpoints, Transit Gateway) and implement least-privilege access using IAM, IAM Identity Center, and IAM Access Analyzer
• Implement encryption and secrets management strategies using AWS KMS, Secrets Manager, and Certificate Manager for data protection at rest and in transit
• Design end-to-end MLOps pipelines using Amazon SageMaker (Pipelines, Model Registry, Projects, Feature Store, Clarify, Model Monitor) for automated model training, deployment, bias detection, and monitoring
• Architect Generative AI solutions using Amazon Bedrock (foundation models from Anthropic, Meta, Cohere, AI21 Labs, Stability AI), Bedrock Guardrails for content filtering and hallucination prevention, Bedrock Knowledge Bases for RAG implementations, and Bedrock Agents for task automation
• Design intelligent search and retrieval systems using Amazon Kendra (GenAI Index) for enterprise search, document discovery, and semantic search integrated with Bedrock Knowledge Bases and Amazon Q Business
• Configure model customization and fine-tuning strategies using Bedrock Custom Model Import, prompt engineering, and Retrieval Augmented Generation (RAG) patterns with proprietary enterprise data
• Implement AIOps and observability using Amazon DevOps Guru, CloudWatch (anomaly detection, Container Insights, Lambda Insights), X-Ray, and distributed tracing capabilities
• Design high availability and disaster recovery solutions across multiple regions using Aurora Global Database, DynamoDB Global Tables, S3 Cross-Region Replication, and Route 53 failover
• Lead application and data migrations from on-premises to AWS using Database Migration Service, Application Migration Service, and Storage Gateway
• Architect containerized workloads using Amazon ECS, EKS, Fargate, and ECR with security scanning and orchestration best practices
• Collaborate with InfoSec, Risk, Compliance, and Audit teams to implement security guardrails, conduct threat modeling, and maintain regulatory compliance
• Enforce AWS Well-Architected Framework principles and guide DevOps teams on CI/CD pipelines using CodePipeline, CodeBuild, CodeDeploy, and Infrastructure as Code (CloudFormation, CDK, Terraform)
• Implement governance and continuous compliance using AWS Config, Audit Manager, conformance packs, and centralized logging with CloudWatch Logs and OpenSearch
• Optimize costs using Cost Explorer, Budgets, Savings Plans, Reserved Instances, Spot Instances, and S3 lifecycle policies
• Design data lakes and analytics platforms using S3, Glue, Athena, EMR, Kinesis, and Redshift for real-time and batch processing
• Implement centralized backup strategies using AWS Backup and automate operational tasks using Systems Manager, EventBridge, and CloudFormation
• Document architecture designs, security controls, threat models, disaster recovery runbooks, and maintain architecture decision records for audit purposes