Principal Cloud Platform and Infrastructure Architect

About The Position

Requirements

• 12–15 years of professional experience in Cloud Infrastructure, Platform Engineering, System Engineering, or SRE, including 8 years of experience building, scaling, or transforming Platform Engineering or SRE organizations.
• 10 years of experience operating production environments with real customer workloads at scale, alongside 10 years of experience in highly available, secure, and scalable distributed systems design.
• 10 years of experience with AWS Cloud Architecture and Services (multi-account, multi-region) and 5 years of experience with AWS Organizations, Control Tower, and Service Control Policies.
• 8 years of experience in cloud networking (VPC design, Transit Gateway, routing, segmentation, dual-stack IPv4/IPv6).
• 6 years of experience with Infrastructure-as-Code (OpenTofu, Terragrunt, Packer, Ansible) and 5 years of experience in Kubernetes Platform Architecture (EKS, Bottlerocket, ARM64/Graviton, FIPS).
• 6 years of experience with security controls and cloud security (WAF, DDoS mitigation, layered edge/app protection), paired with 6 years of experience in network security, encryption, authentication, authorization, and identity-centric access.
• 5 years of experience in backup, restore, and disaster recovery for mission-critical platforms.

Nice To Haves

• Relevant certifications such as AWS Solutions Architect Professional, GCP Professional Cloud Architect, CISSP, or CCSP, and demonstrated industry impact through technical publications, conference presentations, or significant open-source contributions.
• Experience with multi-cloud infrastructure management (AWS, GCP, Azure), on-premises network architecture (Juniper, Cisco, Ubiquiti), and hybrid cloud connectivity.
• Expertise in distributed systems, microservice architectures, container orchestration (Kubernetes), continuous deployment at enterprise scale, global database architectures, and distributed data systems.
• Deep expertise in Linux/Unix internals, file systems, system tuning, administration, networking, and troubleshooting across network, application, and distributed service layers.
• Experience designing and operating centralized identity platforms (SSO, IAM federation, OAuth/OIDC) within regulated environments or compliance-driven infrastructure at enterprise or federal scale (financial services, healthcare, federal/defense).
• Experience with AWS Fault Injection Simulator, resilience testing frameworks, and exposure to AI/ML infrastructure, GPU-based workloads, or agentic AI platform services.
• Experience leading platform or infrastructure teams through transformational change or hyper-growth phases.
• Track record of TCO optimization, capacity planning, and infrastructure capital planning for global deployments.

Responsibilities

• Define the multi-year technical vision and end-to-end architecture across AWS and on-premises infrastructure, producing high-level designs for hybrid cloud connectivity.
• Architect highly available, fault-tolerant systems and drive proactive resilience strategies including chaos engineering, failure simulations, and comprehensive recovery/restore testing.
• Lead infrastructure security designs utilizing network segmentation, zero-trust principles, and boundary protection, ensuring compliance with SOC 2, ISO 27001, NIST, and FedRAMP frameworks.
• Maintain core platform services including identity, networking, multi-region deployments, physical servers, on-premises network gear (Juniper, Cisco, Ubiquiti), and runtime controls for agentic AI platforms.
• Enforce Infrastructure-as-Code (IaC) standards and chair the Architecture Board to align technical governance and hold tie-breaking authority over engineering standards.
• Establish incident response frameworks, lead critical escalations, and configure observability stacks or alerting systems to optimize platform reliability and restoration times.
• Align the multi-year technical roadmap with business outcomes, capacity planning, and TCO optimization while mentoring senior technical leaders across the organization.
• Promote industry thought leadership by representing the organization through external speaking engagements, publications, patents, or open-source contributions.
• Execute daily technical tasks hands-on by writing production code (OpenTofu, Terragrunt, Packer, Ansible), implementing IAM/encryption controls, and debugging complex distributed system failures.

Benefits

• comprehensive medical, dental, and vision plans
• matching 401K
• unlimited PTO
• paid holidays
• parental/adoption leave
• legal insurance
• a home technology stipend