AWS Cloud Migration Architect (Onsite interviews - Hybrid)

The following are required for bid submission:

• Resume
• R2R
• Meets Work Location
• Cover Sheet

Position Overview

• We are seeking a Senior Cloud Migration Architect to embed with our development team and lead the AWS platform configuration and CI/CD automation for a large-scale enterprise cloud migration program. The program covers 30+ applications across migration approaches such as Elastic Beanstalk, Amazon EKS, EC2/Cloud VM - to be delivered across multiple sprints.
• The contractor will own the technical configuration of AWS services for each migration pattern, design and build Azure DevOps (ADO) pipelines that integrate with ArgoCD or Flux for GitOps-driven deployments to EKS, and partner closely with application teams, the AWS Infrastructure Team, and the DBA team to deliver production-ready environments sprint by sprint.
• This is a hands-on, deeply technical role for someone who can move fast, write production-grade IaC, debug across the stack, and mentor application developers and administrators on cloud-native patterns.

Key Responsibilities

• AWS Platform Configuration
• Configure and tune AWS Elastic Beanstalk environments for applications across Dev, Test, and Prod, including platform versions, scaling policies, environment variables, and rolling deployment configuration
• Stand up and operate Amazon EKS clusters across Dev/Test/Prod for containerized workloads, including node groups, cluster autoscaling, ingress controllers, and namespace strategy
• Provision and harden EC2/Cloud VM environments, including AMI selection, instance sizing, OS-level configuration, and patching strategy
• Partner with the DBA team on Amazon RDS setup for SQL Server and PostgreSQL including parameter groups, subnet groups, backup policies, and Multi-AZ configuration
• Design VPC networking, security groups, IAM roles/policies, KMS keys, and Secrets Manager integration following least-privilege principles
• Build infrastructure-as-code (Terraform preferred; CloudFormation acceptable) so every environment is reproducible and auditable
• CI/CD & GitOps
• Design and build Azure DevOps build and release pipelines tailored to each migration pattern:
• EB pattern: source build → artifact → eb deploy to environment per stage
• EKS pattern: Docker build → ECR push → manifest/Helm chart update → GitOps sync via ArgoCD or Flux
• EC2 pattern: build → AMI bake or aws-deploy → blue/green or rolling release
• In-place upgrade pattern: validation, packaging, and controlled deployment to existing servers
• Implement GitOps using ArgoCD or Flux for EKS workloads - pull-based deployments, automated drift detection, app-of-apps or kustomize/helm patterns, multi-cluster or multi-namespace promotion
• Establish promotion strategy across Dev to Test to Prod with appropriate gates, approvals, and rollback mechanisms
• Standardize pipeline templates (YAML) so application teams can self-onboard new services consistently
• Integrate static analysis, container scanning (Trivy/ECR scan), SAST/DAST hooks, and artifact provenance into the pipeline
• Observability & Reliability
• Configure CloudWatch logs, metrics, alarms, and dashboards for each workload
• Define SLOs, alerting thresholds, and incident response runbooks for production cutover events
• Documentation & Hand-off
• Produce architecture decision records (ADRs), runbooks, and operational procedures so workloads can be supported by the long-term operations team
• Maintain a clean, versioned IaC repository as the source of truth for all environments
• Collaboration
• Work daily with application development teams, AWS Infrastructure Team, DBA Team, and Tech Leads
• Pair with developers to debug cloud-specific issues (cold starts, container OOMs, RDS connectivity, IAM denials)

Required Qualifications

• 5–6+ years hands-on experience building and operating production workloads on AWS, with deep knowledge of Elastic Beanstalk, EKS, EC2, RDS, VPC, IAM, S3, CloudWatch, and Secrets Manager
• 3+ years hands-on with Kubernetes - production EKS preferred, including Helm, kubectl, ingress (ALB/NGINX), HPA, and troubleshooting pods/services/networking
• Production experience with ArgoCD or Flux - designed app-of-apps structure, managed multi-environment promotion, and resolved GitOps drift in real workloads. This is non-negotiable.
• Strong Azure DevOps Pipelines (YAML) experience - build pipelines, multi-stage release pipelines, variable groups, service connections, and self-hosted/Microsoft-hosted agents. Equivalent strong experience in another major CI/CD tool (GitHub Actions, GitLab CI, Jenkins) is acceptable if Azure DevOps can be picked up quickly
• Solid Docker skills - multi-stage builds, image hardening, ECR
• Infrastructure-as-Code in production: Terraform (preferred) or CloudFormation/CDK
• Database familiarity - comfortable working with DBA teams on RDS (SQL Server and PostgreSQL), connection strings, secrets rotation, and migration cutover
• Linux administration (RHEL/Amazon Linux/Ubuntu) and shell scripting (bash)
• Source control with Git - branching strategies, pull requests, code review discipline
• Strong written communication - must produce clear runbooks, architecture diagrams, and PR descriptions

Preferred Qualifications

• AWS certifications: AWS Certified Solutions Architect - Professional or DevOps Engineer - Professional
• CKA / CKAD (Certified Kubernetes Administrator/Developer)
• Experience migrating .NET and Java applications from on-premises to AWS
• Experience operating COTS products in containerized or cloud environments
• Experience with service mesh (Istio, App Mesh) or API gateways
• Exposure to HashiCorp Vault, secrets rotation, and certificate management
• Familiarity with DataDog, New Relic, or Splunk in addition to native AWS observability
• Experience with blue/green and canary deployment patterns

“Cleo Consulting is an equal opportunity employer (Minorities/Women/Veterans/Disabled)”