Retour aux emplois
XX
Cloud Engineer - Platform & DevOpsthe enough companyNew York, New York, United States
XX

Cloud Engineer - Platform & DevOps

the enough company
  • US
    New York, New York, United States
  • US
    New York, New York, United States

À propos

About Stratiform Stratiform Digital is a digital services firm that builds modern, cloud-native software for government and enterprise clients. We take on complex modernization work, moving legacy systems onto maintainable, well-architected AWS foundations, and we hold a high bar for engineering quality, testing, and clear communication.
About the Role We are seeking a Cloud Engineer to own the infrastructure, CI/CD platform, and cloud architecture for a large-scale legacy modernization effort, migrating a Java Spring Boot / Angular monolith to Node.js microservices on AWS. This is not a support role: you will be the team's subject matter expert for AWS CDK, architecting reusable infrastructure constructs, defining deployment pipelines, and establishing the standards all engineers follow. You will partner closely with the Technical Lead and application engineers to ensure the cloud-native architecture is built for security, scalability, observability, and long-term maintainability.
What You'll Do
Own the AWS CDK codebase: design, build, and maintain reusable constructs, multi-environment stacks, and deployment patterns engineers can adopt consistently.
Design and implement the full CI/CD strategy using GitHub Actions: reusable workflows, composite actions, environment promotion gates, OIDC-based AWS authentication, and security scanning.
Architect cloud infrastructure for the microservices platform: Lambda, API Gateway, RDS/Aurora (PostgreSQL), S3, Step Functions, SQS, SNS, EventBridge, and CloudFront.
Establish and enforce AWS IAM policies and permission models: least-privilege roles across services, environments, and cross-account access.
Collaborate with application engineers to solution and validate service-level infrastructure requirements; translate architectural decisions into CDK constructs.
Implement observability standards: logging, distributed tracing, metrics, and alerting using CloudWatch, X-Ray, and related tooling.
Define and document infrastructure standards, architectural decision records (ADRs), and operational runbooks.
Evaluate and recommend AWS managed services to reduce operational overhead, steering the team away from undifferentiated heavy lifting.
Participate in security reviews; implement encryption at rest and in transit, secret management, and VPC network controls.
Stay current on AWS service releases and proactively identify improvements to architecture and tooling.
What We're Looking For AWS CDK & Infrastructure as Code
Deep, hands-on AWS CDK expertise: L1/L2/L3 constructs, construct libraries, cross-stack references, multi-account/multi-environment patterns, and CDK pipelines.
Strong understanding of CloudFormation mechanics underlying CDK deployments.
Experience building internal CDK construct libraries or platform-level tooling shared across teams.
Ability to balance standardization with flexibility: shared constructs that accommodate diverse needs without becoming overly prescriptive.
CI/CD & GitHub Actions
Production-grade GitHub Actions experience: reusable workflows, composite actions, workflow templates, matrix builds, and secrets management.
OIDC-based authentication between GitHub Actions and AWS, eliminating long-lived credentials.
Designing automated pipelines covering build, test, security scanning, deployment, and environment promotion.
Familiarity with blue/green, canary, and feature-flag-gated deployment strategies in serverless or containerized contexts.
AWS Managed Services
Deep familiarity with compute and integration services: Lambda, API Gateway, Step Functions, SQS, SNS, EventBridge, and ECS/Fargate.
Hands-on with data services: RDS/Aurora (PostgreSQL), S3, DynamoDB, Glue, Kinesis/MSK, Redshift, and Athena.
Strong networking knowledge: VPCs, subnets, security groups, NACLs, VPC endpoints, PrivateLink, and Transit Gateway concepts.
Experience with CloudFront and edge configuration for front-end delivery.
AWS IAM & Security
Expert-level IAM: permission boundaries, resource- and identity-based policies, SCPs, and cross-account role assumptions.
Secrets management with AWS Secrets Manager or Parameter Store.
Encryption patterns: KMS key management, S3 server-side encryption, RDS encryption, and TLS configuration.
Familiarity with GuardDuty, Security Hub, Config, and CloudTrail.
Observability & Operations
Experience designing observability stacks: structured logging, distributed tracing (X-Ray or OpenTelemetry), CloudWatch metrics/dashboards, and alerting.
Operational mindset: builds infrastructure that is easy to troubleshoot, monitor, and evolve.
Familiarity with containerization (Docker) as it applies to pipeline reproducibility and ECS/Fargate.
Experience & Qualifications
5+ years of cloud infrastructure or DevOps engineering experience, with at least 3 years focused on AWS.
3+ years of hands-on AWS CDK experience with a track record of reusable construct design and multi-environment deployments.
3+ years building and maintaining GitHub Actions pipelines in a team or enterprise context.
Bachelor's degree in Computer Science, Engineering, or a related field (equivalent experience accepted).
AWS certifications strongly preferred: Solutions Architect (Associate or Professional), DevOps Engineer, or Security Specialty.
Prior experience supporting federal or government contracts is a plus.
Ideal Technology Experience
AWS CDK
CloudFormation
GitHub Actions
Lambda
API Gateway
RDS/Aurora (PostgreSQL)
S3
Step Functions
SQS
SNS
EventBridge
CloudFront
ECS/Fargate
AWS IAM
CloudWatch
X-Ray
Docker
#J-18808-Ljbffr
  • New York, New York, United States

Compétences linguistiques

  • English
Avis aux utilisateurs

Cette offre provient d’une plateforme partenaire de TieTalent. Cliquez sur « Postuler maintenant » pour soumettre votre candidature directement sur leur site.