REQUIRED SKILLS & QUALIFICATIONS

• Extensive hands-on expertise with Terraform for IaC on AWS—must be able to architect,modularize, and maintain complex Terraform codebases.
• Deep understanding of AWS networking (VPC, subnets, route tables, NAT gateways, Transit Gateway, site-to-site VPN, Direct Connect).
• Strong grasp of network and application-level security concepts on AWS, with practical experienceenforcing best practices (security groups, IAM, KMS, encryption in transit/at rest, WAF, CloudTrail, GuardDuty).
• Solid familiarity with DevOps tools/practices: Source control (Git), CI/CD, automated testing, containerization (Docker/ECS/EKS), and logging/monitoring (CloudWatch, Prometheus, Grafana).
• Direct experience with integrating security into DevOps workflows (DevSecOps): automated security tests, policy as code, vulnerability scanning, compliance monitoring.
• Proficiency in at least one programming/scripting language (Python, Bash, Go, etc.) for automation and tool integration.
• Experience with configuration management tools (Ansible, Chef, Puppet, or similar) is a plus.
• Experience building infrastructure in regulated or secure environments is highly desirable.
• Familiarity with GCC (Government on commercial cloud) is a plus.

• Design, automate, and manage scalable AWS cloud infrastructure using Infrastructure-as-Code, with a primary focus on Terraform.
• Implement, manage, and improve continuous integration and continuous deployment (CI/CD) pipelines using industry-standard DevOps tools (Jenkins, GitLab CI, GitHub Actions, etc.).
• Champion and integrate DevSecOps practices, embedding security controls and compliance into all stages of cloud infrastructure provisioning and deployment.
• Architect, deploy, and manage robust network topologies, including VPCs, subnets, VPNs, firewalls (Security Groups, NACLs), and interconnecting/peering solutions on AWS.
• Monitor, troubleshoot, and optimize cloud infrastructure for performance, cost-efficiency, high availability, and security.
• Automate environment provisioning, application deployments, and system monitoring using tools such as Ansible or similar.
• Implement security best practices for cloud networking, including secure access controls, IAM policies, encryption, and network segmentation.
• Perform vulnerability scanning, cloud security audits, and coordinate with development teams to ensure infrastructure meets security standards.
• Manage secrets and sensitive configuration using tools like AWS Secrets Manager, HashiCorp Vault, or similar.
• Document infrastructure designs, automate runbooks, and provide knowledge transfer to team members and stakeholders.