Infrastructure Architect

About The Position

Requirements

• Experience: 7+ years in System Engineering or DevOps, with at least 3 years in an Architecture role.
• Cloud Proficiency: Deep expertise in at least one major public cloud provider (AWS, Azure, GCP) and experience connecting them to on-prem data centers.
• Kubernetes Expert: Proven experience managing Kubernetes in production (CKA certification is a plus).
• IaC Mastery: Advanced proficiency with Terraform and configuration management tools.
• Container-Optimized OS Experience: Deep understanding of immutable infrastructure concepts and experience managing minimal Linux distributions designed exclusively for Kubernetes (no SSH, read-only file systems, etc.).
• Database Knowledge: Experience architecting high-availability solutions for both SQL and NoSQL databases.

Nice To Haves

• Experience with Service Mesh technologies (Istio, Linkerd ).
• Background in regulated industries (Finance, Healthcare) dealing with compliance standards (SOC2, HIPAA, PCI-DSS).
• Programming experience in Python or Go for scripting and tooling.

Responsibilities

• Hybrid Cloud Strategy: Design and implement a robust hybrid cloud architecture that seamlessly integrates on-premise infrastructure with major hyperscalers (AWS, Azure, or GCP).
• High Availability (HA): Architect systems for 99.99% uptime, utilizing multi-region failover strategies, load balancing, and disaster recovery planning.
• Container Orchestration: Lead the design and management of enterprise-grade Kubernetes clusters (K8s) across both on-prem and cloud environments.
• Infrastructure as Code ( IaC ): Define all infrastructure using code. Build and maintain extensive Terraform and Chef / A nsible repositories to automate provisioning, configuration, and drift detection.
• Immutable OS & Minimal Distributions: Architect solutions using container-optimized, immutable Linux distributions (e.g., Talos Linux, Flatcar, Bottlerocket ). Move away from traditional SSH-based management to API-driven OS configuration to reduce overhead and ensure consistency.
• Database Reliability: Oversee the architectural health of various database platforms (MySQL, MongoDB, etc.), ensuring proper clustering, sharding, and backup strategies are in place.
• Immutable Security Strategy: Move beyond traditional in-place patching. Design automated workflows for node rotation and recycling to apply OS updates and security fixes, ensuring production environments always run on the latest, verified images.
• Supply Chain Security: Implement rigorous image scanning and signing (e.g., Cosign, Notary) within the CI/CD pipeline. enforce Software Bill of Materials (SBOM) analysis to detect vulnerabilities in base images and dependencies before they reach the cluster.
• Runtime Defense: Architect runtime security solutions using eBPF -based tools (e.g., Falco, Tetragon) to monitor for anomalous behavior and unauthorized system calls in a shell-less environment.
• Policy as Code: Enforce cluster security and compliance using policy engines like OPA Gatekeeper or Kyverno to prevent misconfigurations and ensure strict pod security standards.
• Observability: Implement comprehensive monitoring and distributed tracing (Prometheus, Grafana, Jaeger) to ensure deep visibility into ephemeral pods and distinct infrastructure layers.

Benefits

• Health & Wellness: Health care coverage designed for the mind and body.
• Flexible Downtime: Generous time off helps keep you energized for your time on.
• Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills.
• Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs.
• Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families.
• Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference.