Senior AWS DevOps Engineer

This initiative focuses on AWS network modernization and cloud automation with dual-stack IPv6/IPv4 enablement. The goal is to simplify networking, standardize infrastructure automation, and prepare for IPv6-native workloads. The first phase centers on automating AWS VPC deployments, followed by testing and validation of IPv6/IPv4 capabilities. 
Parallel efforts include: 
 

• Building new AWS infrastructure in US-West (greenfield, IPv4 single-stack) with Direct Connect, Network Gateways, and Firewalls. 
• Expanding Monitoring and Alerting across 1,000+ VPCs and 500 subaccounts via centralized Datadog integration. 
• Discovery for Direct Connect Modernization (10G→100G upgrades) and HA Proxy Optimization.
  
  We expect you to bring
   
• 5+ years in AWS Cloud Infrastructure and DevOps. 
• Expert in Terraform and modular IaC design. 
• Strong understanding of AWS networking (VPC, TGW, Direct Connect, NACLs, SGs, Route 53). 
• Hands-on experience with automation and CI/CD (GitHub Actions, CodePipeline, or Jenkins). 
• Familiar with IPv6 networking concepts and dual-stack deployment. 
• Experience with Datadog or similar observability platforms. 
• Proficient in Python or Bash scripting. 
• Solid understanding of IAM, SCP, and multi-account setups. 
• Production experience building AWS Step Functions and/or AWS Lambdas state machines and authoring Lambda functions in Python (boto3) for provisioning and validation 
• Knowledge of idempotent API patterns, exponential backoff, and eventual consistency in AWS APIs 
• Experience integrating Step Functions/Lambda with Terraform runners (e.g., CodeBuild) and/or CloudFormation StackSets 

What will be your tasks
 

• Build and automate AWS infrastructure for new environments (VPCs, TGWs, Firewalls, Routing, IAM, SCPs). 
• Implement Infrastructure-as-Code using Terraform/CloudFormation/CDK. 
• Design and test dual-stack (IPv4 + IPv6) networking patterns, DNS, and routing. 
• Integrate Datadog for centralized monitoring and alerting. 
• Orchestrate provisioning workflows using AWS Step Functions (ASL) with idempotent AWS Lambda (Python) tasks (create VPCs, subnets, route tables, TGW attachments, IGW/egress-only IGW, NATs). 
• Build guardrails: input validation, retries with backoff, compensating actions/rollbacks, tagging, and audit logging (CloudWatch Logs/CloudTrail) 
• Expose provisioning as APIs (API Gateway + Step Functions) and integrate with CI/CD and Service Catalog / Control Tower where applicable 
• Implement automated post-provision tests (Lambda) for IPv6 reachability, DNS64/NAT64 paths, TGW routing, and Datadog connectivity 
• Support validation testing for connectivity, security, and automation workflows. 

• Participate in documentation and handover (architecture, IaC, runbooks).  

  
  What we offer

   

• 20 days of paid annual leave, plus public holidays
• 5 paid sick days per year
• remote-first environment
• a friendly and supportive team
• personal development plans
• access to experienced mentors and technical leaders
• reimbursement for sports activities, and certifications (after probation)
• ongoing learning opportunities, including training sessions and knowledge-sharing
• free English lessons to boost your communication skills if needed