AWS Cloud Engineer
Contract
100% Remote
Note: This role is more focused on compute: responsible for compute and how it is built, looking at EC2, golden AMI pipelines, Image Builder itself, hardening, patching, enforcing CIS benchmarks, building AMI pipelines, EC2 leads, etc.
Skills:
TECHNICAL SKILLS
Must Have
- AWS EC2 architecture including instance types, placement groups, and Auto Scaling Group lifecycle management
- Cloud security controls: encryption, network isolation, identity management, policy enforcement
- EBS volume management, encryption enforcement, and snapshot lifecycle
- EC2 Image Builder pipelines — recipe configuration, component authoring, image testing, and cross-account AMI distribution
- Golden AMI lifecycle management: base image selection, CIS benchmark hardening, security agent integration (endpoint protection, vulnerability scanning), and automated image rotation/deprecation
- Infrastructure as Code principles and Terraform lifecycle management
- Launch template and Auto Scaling Group integration with AMI pipelines for fleet-wide image updates
- Linux/macOS command-line proficiency
- Proficiency in Python, Bash/Shell scripting
- Understanding of OS hardening standards (CIS Benchmarks), patch management, and image compliance
Nice To Have
- AWS Certifications: Solutions Architect (Associate or Professional), SysOps Administrator, DevOps Engineer, Security Specialty, or equivalent cloud certifications
- Cloud Service Evaluation & Governance: Experience evaluating, securing, and onboarding new cloud services for enterprise adoption.
- Experience with CSPM tools (Prisma Cloud, AWS Config, or similar)
- Experience with policy-as-code frameworks (Sentinel or similar)
- Experience working in financial services or other highly regulated industries
- Familiarity with containerization (ECS, EKS, Docker) and serverless architectures
- Familiarity with HashiCorp Vault for secrets management and credential brokering
- FinOps / Cloud Cost Optimization: Experience with AWS Cost Explorer, Budgets, cost allocation tagging strategies, right-sizing, and Savings Plans
- Working knowledge of Go (Golang)
JOB SUMMARY
AWS Cloud Engineer
JOB DESCRIPTION
Company Overview
A major financial institution is seeking an experienced AWS Cloud Platform Engineer to support its enterprise AWS environment. The Cloud Engineering team is responsible for designing, operating, and securing the enterprise AWS cloud platform, managing 100+ AWS accounts, 250+ serverless functions, and a comprehensive infrastructure-as-code ecosystem that supports the institution's digital transformation and regulatory compliance objectives.
Position Summary
The AWS Cloud Engineering III role is a hands-on technical position focused on day-to-day cloud platform operations including AWS account lifecycle management, infrastructure provisioning, compute pipeline management, security controls enforcement, and operational support. The ideal candidate is a seasoned cloud engineer who thrives in a regulated enterprise environment and can independently execute complex infrastructure tasks while adhering to strict change management and compliance requirements.
Duties and Responsibilities
Infrastructure Operations & Account Lifecycle
· Provision and manage AWS accounts, services, and decommissioning within AWS Organizations
· Perform VPC provisioning, upgrades, and configuration management using Terraform
· Manage Transit Gateway attachments, route table configurations, and cross-account network connectivity
· Support compute infrastructure including EC2 fleet management, Auto Scaling Groups, and load balancer configurations
· Fulfill infrastructure change requests through ITSM processes and formal change management
Infrastructure as Code (IaC)
· Develop, maintain, and troubleshoot Terraform configurations for AWS infrastructure provisioning
· Work within Terraform Cloud workspaces with policy-as-code enforcement
· Leverage and contribute to internal Terraform modules, guardrails and standardized workflows
· Manage Terraform state, plan/apply workflows, and workspace configurations across multiple AWS accounts
Security & Compliance
· Implement and maintain Service Control Policies (SCPs), IAM policies and least privilege access models
· Enforce encryption and data protection standards (EBS, RDS, S3, KMS)
· Triage and remediate findings from cloud security posture management (CSPM) tools, vulnerability scanners, and drift detection
· Manage VPC endpoint configurations, PrivateLink connectivity, and network security controls
Monitoring, Cost Management & Operational Support
· Monitor and respond to alarms, security findings, and AWS Config rule violations
· Support FinOps practices including cost/budget monitoring and enforcement, and resource optimization recommendations
· Participate in on-call rotation for cloud platform support
· Collaborate with application teams, security, and enterprise architecture stakeholders
Documentation & Knowledge Management
· Maintain and update operational runbooks, SOPs, and technical documentation
· Document infrastructure decisions, configurations, troubleshooting procedures, and customer support guides
Minimum Knowledge, Skills, and Abilities Required
Required Experience (Must-Haves)
· 5 – 10 years of hands-on experience in cloud infrastructure engineering (AWS focused)
· Demonstrated experience with Terraform (HCL) and IaC lifecycle management
· Deep working knowledge of AWS core services: VPC, EC2, Lambda, S3, RDS, IAM, KMS, CloudWatch, CloudTrail, Route 53, API Gateway, ELB (ALB/NLB), Transit Gateway
· Experience operating multi-account AWS environments using AWS Organizations and SCPs
· Proficiency in IAM policy design, cross-account access patterns, and least-privilege principles
· Experience with CI/CD pipelines (Terraform Cloud, Jenkins, GitHub Actions, or equivalent)
· Experience with Git-based workflows (branching strategies, pull requests, code reviews) in GitHub Enterprise or similar
· Experience working in regulated or enterprise environments with formal change management (ServiceNow or equivalent ITSM)
· Strong troubleshooting and problem-solving skills for complex, multi-account AWS environments
· Excellent written and verbal communication skills; ability to produce clear technical documentation
Work Environment
· Remote-first with preference for candidates in the Metro Detroit, Michigan area
· Standard business hours with participation in an on-call rotation