KEY RESPONSIBILITIES
Cloud Architecture & Infrastructure
– Design and deploy cloud architectures across AWS that meet performance, security, availability, and cost-efficiency requirements for a diverse portfolio of enterprise and research applications.
– Architect and implement cloud networking, compute, storage, and identity constructs with security built in from the outset applying least-privilege principles, network segmentation, encryption, and defense-in-depth across every layer.
– Evaluate and recommend cloud services, architectural patterns, and infrastructure approaches; build evidence-based adoption cases that account for engineering capability, operational cost, and long-term platform sustainability.
Automation & Deployment
– Implement and maintain infrastructure-as-code (IaC) frameworks using Terraform, CloudFormation, Ansible, or equivalent making infrastructure provisioning repeatable, auditable, and developer-friendly.
– Build and maintain CI/CD pipelines for cloud infrastructure and application deployments; ensure changes are tested, validated, and deployed safely with automated rollback capability.
– Drive automation of operational tasks patching, scaling, monitoring, alerting, and cost optimization reducing manual intervention and improving platform reliability and response time.
Security & Compliance
– Ensure cloud environments comply with Client’s security standards, regulatory requirements, and data governance policies; implement and maintain controls for identity management, Products management, audit logging, and encryption at rest and in transit.
– Monitor cloud security posture continuously; identify and remediate misconfigurations, drift, and policy violations integrating CSPM tooling into operational workflows for proactive compliance management.
– Partner with Cybersecurity teams to align cloud platform security with enterprise threat models and applicable regulatory frameworks including GxP, 21 CFR Part 11, HIPAA, and SOX where relevant.
Optimisation & Operational Excellence
– Monitor cloud environments for performance, availability, and cost efficiency; proactively identify waste, right-size resources, and drive FinOps practices that deliver cloud value without unnecessary spend.
– Contribute to platform engineering standards, reference architectures, and guardrails that simplify how development teams consume cloud infrastructure correctly and consistently.
– Troubleshoot and resolve cloud infrastructure issues with urgency and precision; contribute to post-incident analysis and implement preventive improvements that reduce recurrence.
Quals–
The Cloud Engineer is responsible for designing, implementing, and maintaining secure, scalable, and reliable cloud-based solutions. This role supports business objectives by optimizing cloud infrastructure, automating deployments, and ensuring compliance with security and performance standards.
BASIC QUALIFICATIONS
– Bachelor’s degree in Computer Science, Information Technology, or a related field or equivalent professional experience.
– 3 years of hands-on cloud engineering experience in a production AWS enterprise environment.
– Demonstrated proficiency with infrastructure-as-code tools (Terraform, CloudFormation, Ansible, or equivalent) and version control (Git).
– Proficiency in scripting languages (Python, Bash, or equivalent) for automation and tooling development.
– Strong understanding of cloud networking, virtualization, containerization (Docker, Kubernetes), and cloud security principles.
– Experience with CI/CD pipelines and DevOps practices in a cloud-native context.
PREFERRED QUALIFICATIONS
– AWS Certified Solutions Architect (Associate or Professional), AWS DevOps Engineer, or Azure Administrator/Architect certification strongly preferred.
– Experience with FinOps practices and cloud cost optimization at enterprise scale.
– Familiarity with monitoring and observability platforms (Prometheus, Grafana, Splunk, CloudWatch, Azure Monitor, or equivalent).
– Experience in pharmaceutical, healthcare, life sciences, or other regulated industries particularly with GxP, 21 CFR Part 11, or HIPAA cloud compliance requirements.
– Experience with Kubernetes in production (EKS, AKS, or self-managed) including cluster operations and workload management.
– Background in cloud security architecture: IAM design, Products management, network security groups, and cloud-native security tooling[MB1.1].
– 3 years of experience delivering in an Agile methodology
WHAT YOU SHOULD BRING
– Deep, hands-on cloud expertise you build and operate production cloud infrastructure, and you hold yourself accountable for its reliability, security, and cost.
– Infrastructure-as-code as a default practice: you write Terraform or equivalent as naturally as you use the cloud console, and you understand why that matters for consistency, auditability, and scale.
– A security-conscious engineering mindset you design with least privilege, defense in depth, and compliance requirements built in from the start, not retrofitted under pressure.
– A cost-conscious approach: you care about what cloud resources cost, you design systems that deliver value without unnecessary spend, and you proactively surface optimization opportunities.
– The communication skills to work effectively with developers who need platform guidance and business stakeholders who need to understand cloud investment decisions and to adjust your language for each.