Cloud Architect

This initiative focuses on AWS network modernization and cloud automation with dual-stack IPv6/IPv4 enablement. You will lead the architectural vision for scalable, secure cloud infrastructure while guiding the engineering team through complex AWS transformations across 1,000+ VPCs and 500 subaccounts.

Key initiatives include

- Architecting new AWS infrastructure in US-West with Direct Connect, Network Gateways, and Firewalls

- Designing centralized monitoring architecture via Datadog integration

- eading Direct Connect Modernization (10G→100G upgrades) and establishing cloud governance frameworks

We expect you to bring

• 7+ years as a DevOps Engineer and experience in AWS Cloud Architecture and Infrastructure design
•  Proven track record designing large-scale, multi-account AWS environments
• Deep expertise in AWS networking (VPC design patterns, Transit Gateway topologies, Direct Connect, IPv6/IPv4 dual-stack)
•  Strong experience with AWS Well-Architected Framework and landing zones (Control Tower/Organizations)
•  Expert knowledge of IaC architectural patterns (Terraform/CloudFormation/CDK)
• Deep understanding of security architecture (IAM, SCPs, AWS Config, Security Hub, Network Firewall)
• Experience architecting observability solutions at scale (Datadog/CloudWatch)
•  Experience designing event-driven architectures (Step Functions, Lambda, EventBridge)
• Excellent documentation skills and ability to mentor engineering teams
• AWS certifications are highly valued (Solutions Architect Professional, Advanced Networking)

What will be your tasks

Architecture & Leadership

• Define AWS cloud architecture strategy and roadmap for the modernization initiative
• Design scalable, secure multi-account environments with comprehensive documentation (HLD/LLD, ADRs)
• Establish architectural standards, patterns, and guardrails
• Provide technical mentorship and conduct architecture reviews

Network & Security Design

• Architect dual-stack (IPv4 + IPv6) networking patterns, Transit Gateway topologies, and Direct Connect redundancy
• Design network segmentation and security controls across 1,000+ VPCs
• Define DNS architecture, including Route 53, DNS64/NAT64, and hybrid resolution
• Establish monitoring, flow log analysis, and compliance frameworks

Automation & Governance

• Design IaC architecture and module structure for Terraform/CloudFormation
• Architect Step Functions workflows with proper error handling and idempotency
• Define CI/CD pipeline architecture and API-driven provisioning patterns
• Establish governance using Control Tower, SCPs, and Config Rules

Observability & Stakeholder Engagement

• Architect centralized Datadog monitoring across all accounts with SLIs/SLOs
• Present architecture proposals to leadership with cost optimization strategies
• Collaborate with stakeholders to translate requirements into technical architecture

What we offer

• 20 days of paid annual leave, plus public holidays
• 5 paid sick days per year
• remote-first environment
• a friendly and supportive team
• personal development plans
• access to experienced mentors and technical leaders
• reimbursement for sports activities, and certifications (after probation)
• ongoing learning opportunities, including training sessions and knowledge-sharing
• free English lessons to boost your communication skills if needed