DevOps Engineer; senior

We’re looking for a Senior Dev Ops Engineer who can take ownership of our AWS infrastructure and make it reliable, predictable, and easy to operate. Our systems run on ECS/Fargate with CDK-managed and manually‑provisioned resources. Today, spinning up new environments is slow and error‑prone, and our networking setup is overly complex. We need someone who can stabilize what exists, simplify it where possible, and set the foundation for long‑term scalability.

This role is hands‑on: understanding our current state, reducing complexity, improving CI/CD, fixing networking pain points, and building proper visibility into production.

This is not about over‑engineering. We need someone who can make things reliable, secure, and easy to operate  you enjoy bringing order to complex cloud estates and making production environments secure, observable, and predictable, we’d love to hear from you.

• Understand and document the current AWS landscape (multi‑account, VPCs, networking, ECS /Fargate, CDK stacks, and the manually‑created pieces we rely on).
• Untangle and simplify networking (VPCs, transit configuration, DNS, TLS/mTLS, routing issues, and environment‑to‑environment connectivity).
• Standardize our infrastructure using CDK and remove manual snowflake resources where possible.
• Fix CI/CD pipelines (Git Hub Actions), including environment‑specific workflows, deployment rules, secrets management, and automated promos.
• Improve environment creation so new dev/stage/test environments can be brought up consistently and without manual chaos.
• Harden AWS security (IAM, S3 policies, encryption, Cloud Trail, Security Hub, least privilege).
• Improve observability with Cloud Watch: logs, metrics, alarms, dashboards, runbooks, and rollback strategies.
• Support developers by ensuring ECS /Fargate deployments, Lambdas, and networking don’t get in their way.
• Continuously optimize cost, performance, and resiliency—and keep documentation up to date.

Strong AWS experience, particularly with:

VPC, routing, TGW , Cloud WAN

IAM + SSO (Identity Center)

ECS /Fargate

S3, Cloud Front, Lambda

Cloud Watch, Cloud Trail, Security Hub

Experience fixing and simplifying messy, partially-manual, partially‑CDK infrastructure
.

Solid understanding of production networking (site‑to‑site VPN, DNS, TLS).

Strong Infrastructure‑as‑Code skills with AWS CDK (modular design, environment isolation).

Practical CI/CD experience with Git Hub Actions (policies, secrets, approvals, automated deploys).

Ability to produce clear documentation
: diagrams, runbooks, and ownership models.

A pragmatic engineer who prefers stability and maintainability over fancy tools.

Terraform Git Hub Provider for repo/organization governance and automation.

Automated compliance: CIS Benchmarks, OWASP SAMM, ISO 27001 control implementation, secret scanning, SBOM generation.

Containers & platforms:
Docker;
Helm/Kustomize;
Git Ops tools (Flux or Argo CD); service mesh and networking (Istio, Cilium, eBPF);
Kubernetes security contexts.

In addition to team events (Team building, Christmas party and more), here are a few perks we offer:

Learning events and certifications

Private medical subscription with Regina Maria