Senior Cloud Infrastructure Engineer

Description

Aetion is a healthcare technology company that provides real-world evidence (RWE) solutions and analytics software to biopharmaceutical companies, payers, and regulatory agencies. Their platform helps organizations analyze real-world healthcare data to generate scientifically validated insights about the safety, effectiveness, and value of medical treatments, guiding critical decisions in product development, regulatory approval, reimbursement, and clinical strategy.

We are transitioning ownership of a highly sensitive, HIPAA and ISO27001–compliant AWS environment from a legacy operational model to centralized engineering standards. We are looking for a senior, autonomous infrastructure engineer to stabilize existing systems, work through legacy complexity, and lead critical migration efforts toward supported, standardized platforms.

Requirements

Must-Have

Candidates must be able to demonstrate real, hands-on CLI experience in the following areas:

AWS Infrastructure
– Working via CLI with core AWS services
– Solid understanding of networking, storage, IAM, and common AWS components

Kubernetes
– Accessing, managing, and troubleshooting Kubernetes clusters using CLI tools (kubectl, contexts, basic cluster operations)

Python
– Practical coding experience
– Ability to read, understand, and modify existing Python code (not scripting-only or theoretical knowledge)

Required Technologies & Skills
– Cloud: AWS (EC2, VPC, IAM, S3, Transit Gateway, SSM, CloudWatch, Route53)
– IaC: Terraform (modules, state, providers), Packer
– OS & Networking: Windows environments, WSL, VPN technologies (OpenVPN, GlobalProtect)
– CI/CD: GitHub Actions (workflows, runners, OIDC)
– Strong ownership mindset and ability to work independently

Job responsibilities

Infrastructure Stabilization & Migration
– Troubleshoot and repair Image Builder / Packer pipelines to ensure secure and reliable base image generation
– Manage patching for isolated Windows environments
– Execute final migration steps from OpenVPN to GlobalProtect, including troubleshooting edge cases involving WSL and DNS

Infrastructure as Code
– Manage, refactor, and modernize a complex Terraform codebase migrated from CloudFormation
– Improve state management, modularization, and long-term maintainability
– Safely import and standardize legacy resources

Platform & Environment Ownership
– Operate confidently in legacy systems with incomplete documentation
– Make technical decisions that prioritize security, stability, and delivery