Senior Cloud Migration Architect

IN-Person Interview

Key Responsibilities

AWS Platform Configuration

· Configure and tune AWS Elastic Beanstalk environments for applications across Dev, Test, and Prod, including platform versions, scaling policies, environment variables, and rolling deployment configuration

· Stand up and operate Amazon EKS clusters across Dev/Test/Prod for containerized workloads, including node groups, cluster autoscaling, ingress controllers, and namespace strategy

· Provision and harden EC2/Cloud VM environments, including AMI selection, instance sizing, OS-level configuration, and patching strategy

· Partner with the DBA team on Amazon RDS setup for SQL Server and PostgreSQL including parameter groups, subnet groups, backup policies, and Multi-AZ configuration

· Design VPC networking, security groups, IAM roles/policies, KMS keys, and Secrets Manager integration following least-privilege principles

· Build infrastructure-as-code (Terraform preferred; CloudFormation acceptable) so every environment is reproducible and auditable

CI/CD & GitOps

· Design and build Azure DevOps build and release pipelines tailored to each migration pattern:

o EB pattern: source build → artifact → eb deploy to environment per stage

o EKS pattern: Docker build → ECR push → manifest/Helm chart update → GitOps sync via ArgoCD or Flux

o EC2 pattern: build → AMI bake or aws-deploy → blue/green or rolling release

o In-place upgrade pattern: validation, packaging, and controlled deployment to existing servers

· Implement GitOps using ArgoCD or Flux for EKS workloads - pull-based deployments, automated drift detection, app-of-apps or kustomize/helm patterns, multi-cluster or multi-namespace promotion

· Establish promotion strategy across Dev to Test to Prod with appropriate gates, approvals, and rollback mechanisms

· Standardize pipeline templates (YAML) so application teams can self-onboard new services consistently

· Integrate static analysis, container scanning (Trivy/ECR scan), SAST/DAST hooks, and artifact provenance into the pipeline

Observability & Reliability

· Configure CloudWatch logs, metrics, alarms, and dashboards for each workload

· Define SLOs, alerting thresholds, and incident response runbooks for production cutover events

Documentation & Hand-off

· Produce architecture decision records (ADRs), runbooks, and operational procedures so workloads can be supported by the long-term operations team

· Maintain a clean, versioned IaC repository as the source of truth for all environments

Collaboration

· Work daily with application development teams, AWS Infrastructure Team, DBA Team, and Tech Leads

· Pair with developers to debug cloud-specific issues (cold starts, container OOMs, RDS connectivity, IAM denials)

Required Qualifications

· 5–6+ years hands-on experience building and operating production workloads on AWS, with deep knowledge of Elastic Beanstalk, EKS, EC2, RDS, VPC, IAM, S3, CloudWatch, and Secrets Manager

· 3+ years hands-on with Kubernetes - production EKS preferred, including Helm, kubectl, ingress (ALB/NGINX), HPA, and troubleshooting pods/services/networking

· Production experience with ArgoCD or Flux - designed app-of-apps structure, managed multi-environment promotion, and resolved GitOps drift in real workloads. This is non-negotiable.

· Strong Azure DevOps Pipelines (YAML) experience - build pipelines, multi-stage release pipelines, variable groups, service connections, and self-hosted/Microsoft-hosted agents. Equivalent strong experience in another major CI/CD tool (GitHub Actions, GitLab CI, Jenkins) is acceptable if Azure DevOps can be picked up quickly

· Solid Docker skills - multi-stage builds, image hardening, ECR

· Infrastructure-as-Code in production: Terraform (preferred) or CloudFormation/CDK

· Database familiarity - comfortable working with DBA teams on RDS (SQL Server and PostgreSQL), connection strings, secrets rotation, and migration cutover

· Linux administration (RHEL/Amazon Linux/Ubuntu) and shell scripting (bash)

· Source control with Git - branching strategies, pull requests, code review discipline

· Strong written communication - must produce clear runbooks, architecture diagrams, and PR descriptions

Preferred Qualifications

· AWS certifications: AWS Certified Solutions Architect - Professional or DevOps Engineer - Professional

· CKA / CKAD (Certified Kubernetes Administrator/Developer)

· Experience migrating .NET and Java applications from on-premises to AWS

· Experience operating COTS products in containerized or cloud environments

· Experience with service mesh (Istio, App Mesh) or API gateways

· Exposure to HashiCorp Vault, secrets rotation, and certificate management

· Familiarity with DataDog, New Relic, or Splunk in addition to native AWS observability

· Experience with blue/green and canary deployment patterns