Principal Cloud Platform and Infrastructure Architect

IonQ•Santa Clara, CA

4d•Hybrid

About The Position

IonQ is seeking a Principal Cloud Platform and Infrastructure Architect to join its Platform Engineering Team. This senior technical role is responsible for shaping the technical vision for secure, resilient, and scalable infrastructure platforms at a global scale. The architect will define and evolve a highly available and secure infrastructure across AWS and on-premises hardware, including foundational platform services, operational standards, and engineering practices. This role requires deep experience in cloud infrastructure, platform engineering, security architecture, SRE, and operational transformation, with a focus on connecting technical decisions to business outcomes and long-term platform strategy. The ideal candidate is hands-on, writing production infrastructure code, building proof-of-concept implementations, debugging complex distributed system failures, and leading by example through daily technical execution. The position is located onsite or hybrid in Santa Clara / Bay Area, CA, with up to 25% travel required, both domestically and internationally.

Requirements

12–15 years of professional experience in Cloud Infrastructure, Platform Engineering, System Engineering, or SRE, including 8 years of experience building, scaling, or transforming Platform Engineering or SRE organizations.
10 years of experience operating production environments with real customer workloads at scale, alongside 10 years of experience in highly available, secure, and scalable distributed systems design.
10 years of experience with AWS Cloud Architecture and Services (multi-account, multi-region) and 5 years of experience with AWS Organizations, Control Tower, and Service Control Policies.
8 years of experience in cloud networking (VPC design, Transit Gateway, routing, segmentation, dual-stack IPv4/IPv6).
6 years of experience with Infrastructure-as-Code (OpenTofu, Terragrunt, Packer, Ansible) and 5 years of experience in Kubernetes Platform Architecture (EKS, Bottlerocket, ARM64/Graviton, FIPS).
6 years of experience with security controls and cloud security (WAF, DDoS mitigation, layered edge/app protection), paired with 6 years of experience in network security, encryption, authentication, authorization, and identity-centric access.
5 years of experience in backup, restore, and disaster recovery for mission-critical platforms.

Nice To Haves

Relevant certifications such as AWS Solutions Architect Professional, GCP Professional Cloud Architect, CISSP, or CCSP.
Demonstrated industry impact through technical publications, conference presentations, or significant open-source contributions.
Experience with multi-cloud infrastructure management (AWS, GCP, Azure), on-premises network architecture (Juniper, Cisco, Ubiquiti), and hybrid cloud connectivity.
Expertise in distributed systems, microservice architectures, container orchestration (Kubernetes), continuous deployment at enterprise scale, global database architectures, and distributed data systems.
Deep expertise in Linux/Unix internals, file systems, system tuning, administration, networking, and troubleshooting across network, application, and distributed service layers.
Experience designing and operating centralized identity platforms (SSO, IAM federation, OAuth/OIDC) within regulated environments or compliance-driven infrastructure at enterprise or federal scale (financial services, healthcare, federal/defense).
Experience with AWS Fault Injection Simulator, resilience testing frameworks, and exposure to AI/ML infrastructure, GPU-based workloads, or agentic AI platform services.
Experience leading platform or infrastructure teams through transformational change or hyper-growth phases.
Track record of TCO optimization, capacity planning, and infrastructure capital planning for global deployments.

Responsibilities

Define the multi-year technical vision and end-to-end architecture across AWS and on-premises infrastructure, producing high-level designs for hybrid cloud connectivity.
Architect highly available, fault-tolerant systems and drive proactive resilience strategies including chaos engineering, failure simulations, and comprehensive recovery/restore testing.
Lead infrastructure security designs utilizing network segmentation, zero-trust principles, and boundary protection, ensuring compliance with SOC 2, ISO 27001, NIST, and FedRAMP frameworks.
Maintain core platform services including identity, networking, multi-region deployments, physical servers, on-premises network gear (Juniper, Cisco, Ubiquiti), and runtime controls for agentic AI platforms.
Enforce Infrastructure-as-Code (IaC) standards and chair the Architecture Board to align technical governance and hold tie-breaking authority over engineering standards.
Establish incident response frameworks, lead critical escalations, and configure observability stacks or alerting systems to optimize platform reliability and restoration times.
Align the multi-year technical roadmap with business outcomes, capacity planning, and TCO optimization while mentoring senior technical leaders across the organization.
Promote industry thought leadership by representing the organization through external speaking engagements, publications, patents, or open-source contributions.
Execute daily technical tasks hands-on by writing production code (OpenTofu, Terragrunt, Packer, Ansible), implementing IAM/encryption controls, and debugging complex distributed system failures.