Key Responsibilities:
- AWS Architecture & Multi-Account Design
- Design and implement a best-practice multi-account AWS architecture using AWS Organizations and Control Tower
- Define account strategies for customers, environments (Prod / Non-Prod), and shared services
- Establish and maintain an AWS Landing Zone aligned with security and compliance requirements
- Reduce operational and security risk by eliminating single-account blast radius
- Migration & Execution
- Plan and execute phased migrations of existing workloads from a monolithic AWS account to multiple accounts
- Minimize downtime and risk through careful migration planning, testing, and rollback strategies
- Work closely with application and platform teams during migration and cutover
- Infrastructure as Code & Automation
- Codify account provisioning and baseline infrastructure using Terraform
- Automate guardrails, networking, IAM, logging, and security controls
- Use CI/CD pipelines to support infrastructure as code, not as an application DevOps role
- Security & Governance
- Design and enforce security guardrails using SCPs, IAM boundaries, and least-privilege access
- Implement and manage centralized security services including CloudTrail, GuardDuty, Security Hub, and AWS Config
- Support compliance and audit requirements (e.g. ISO 27001) through strong segregation of duties and logging
- Networking
- Design and operate AWS networking at scale, including:
- VPC design and segmentation
- Centralized networking models
- Transit Gateway (nice to have)
- Hybrid connectivity (VPN / Direct Connect where applicable)
- Apply strong TCP/IP, DNS, and routing fundamentals
- Cost Management & Chargeback
- Implement cost monitoring, budgeting, and reporting using AWS Cost Explorer and Budgets
- Enable cost separation and chargeback/showback per customer or account
- Support long-term FinOps visibility as the AWS environment scales
- Operating Systems & Infrastructure Operations
- Apply strong Linux and/or Windows systems engineering knowledge
- Support OS-level hardening, patching, access control, and troubleshooting
- Understand how cloud infrastructure maps to underlying OS and network behavior
Required Qualifications:
- Senior-level experience designing and operating AWS infrastructure at scale
- Hands-on experience with AWS Organizations, Control Tower, and multi-account architectures
- Proven experience migrating workloads from single-account to multi-account AWS environments
- Strong Linux and/or Windows OS fundamentals
- Strong networking fundamentals (TCP/IP, DNS, routing)
- Infrastructure as Code using Terraform
- Experience implementing security guardrails (SCPs, IAM, KMS)
- Experience with centralized logging, monitoring, and security tooling
- Experience with AWS cost management and chargeback/showback models
Nice to have:
- AWS Transit Gateway and advanced networking architectures
- Experience in regulated or compliance-driven environments (e.g. ISO 27001)
- AWS Professional certifications (Solutions Architect Pro, DevOps Engineer Pro)
- Experience designing long-term AWS platform or cloud foundations