Principal Cloud Engineer - DevOps/Infrastructure

About The Position

Requirements

• 12+ years in cloud infrastructure, DevOps, or platform engineering, with deep production ownership and a record of setting technical direction.
• Deep, hands-on expertise across all three of AWS, Google Cloud, and Azure, or mastery of two with strong production experience in the third.
• Expert-level Infrastructure as Code, especially Terraform, with patterns and module libraries you have personally established as the standard across multiple teams.
• Production Kubernetes experience (EKS, GKE, or AKS), including day-2 operations and troubleshooting.
• Strong CI/CD design experience (GitHub Actions, GitLab CI, Azure DevOps, Jenkins, or similar).
• Advanced scripting and automation in Python, Bash, and/or PowerShell.
• Deep networking fundamentals across clouds: VPC and VNet design, DNS, load balancing, hybrid connectivity, and private-by-default access patterns (PrivateLink, Private Service Connect, Shared VPC, and multi-account or multi-project connectivity).
• Strong grounding in cloud security and identity (IAM, RBAC, secrets management, encryption).
• A track record as a design authority and top escalation point, and of mentoring senior engineers and setting standards others adopt.
• Experience leading technical solutioning or pre-sales in a client-facing or consulting environment.
• Strong written and spoken English communication skills, including with executive audiences.

Nice To Haves

• Multi-account or multi-project landing zone design (AWS Control Tower, GCP organization policy, Azure Landing Zones).
• GitOps and progressive delivery (ArgoCD, Flux), and service mesh experience.
• Policy as code (OPA, Sentinel) and compliance frameworks (SOC 2, FedRAMP, HIPAA).
• FinOps and large-scale cost optimization.
• VMware and hybrid or private cloud experience.

Responsibilities

• Act as the design authority for multi-cloud infrastructure across AWS, Google Cloud, and Azure. Own the hardest architecture decisions and serve as the final escalation point for production-critical problems across engagements.
• Define the firm-wide standards, patterns, and reference architectures for landing zones, networking, identity, and workload platforms that every team builds on. Set account, subscription, and project structure, environment separation, and identity boundaries as defaults.
• Own the IaC standard for the practice. Build the reusable, modular Terraform and the module library that other engineers adopt by default, and govern state, versioning, and drift at scale.
• Set the standard for running Kubernetes in production (EKS, GKE, AKS), including networking, autoscaling, workload isolation, and day-2 operations. Own container registries and artifact promotion (ECR, ACR, Artifact Registry) and golden image pipelines (cloud-init, image bake) for consistent, hardened builds.
• Shape proposals and estimates, lead technical discovery, and represent the firm as the senior cloud voice in client and executive conversations.
• Build and harden CI/CD pipelines and deployment automation that move code to production safely and repeatably.
• Establish observability, SLOs, and incident response practices. Lead root cause analysis and drive permanent fixes rather than repeated firefighting.
• Define the cloud security and compliance posture: identity and least-privilege access, secrets management, network segmentation, encryption, and policy as code.
• Drive cost visibility and optimization (FinOps) across accounts, projects, and clouds.
• Raise the technical bar across the practice. Mentor and grow senior engineers, shape the hiring bar, and lead design reviews.
• Build the accelerators and reference implementations that cut delivery time and raise quality across every engagement.