Cloud Architect

To Apply for this Job  Job Summary

As a Cloud Architect, you will design, implement, and maintain serverless and container-based infrastructure (Lambda, ECS) and data services (Aurora Postgre

SQL with vector search) to support Retrieval-Augmented Generation with company data to connect diverse enterprise systems and deliver business outcomes s work will be foundational for the products supported by our shared technology services team in solving some of our hardest problems such as optimizing the supply chain, integrating 100+ manufacturing sites into an enterprise Data Fabric, and helping automate the proposal processes around multi-million dollar contracts, along with many other huge opportunities.

You will work across multiple business programs to enable AI outcomes as a front-line builder for new applications and capabilities built in the AWS cloud. Your expertise in scalable serverless cloud architecture, cloud security, and multi-tier architectures will help drive infrastructure-as-code and automation-first approaches using AWS Cloud Formation (CFT) and CI/CD to accelerate delivery of our AI-driven solutions across supply chain optimization, manufacturing operations, and enterprise analytics initiatives.

• Translate solution needs from app teams into AWS architectures and IaC templates; iterate designs through reviews and proofs-of-concept
• Build, version, and maintain Cloud Formation stacks/modules for core services (VPC, subnets, security groups/firewalls, IAM, S3, API Gateway, Event Bridge, ECS, Lambda, Aurora Postgre
  
  SQL)
• Engineer RAG-enabling data layers: configure Aurora Postgre
  
  SQL schemas, extensions, and vector search; define ingestion, embeddings, and retrieval patterns in collaboration with backend engineers
• Operate and optimize serverless/container workloads: autoscaling, concurrency, cold-start mitigation, task sizing, and reliability tuning
• Stand up and manage CI/CD (Code Build, Code Deploy, Code Pipeline) for infra and shared services; implement automated testing, gated promotions, and rollback strategies
• Define and enforce IAM policies, roles, boundaries, and secrets/KMS practices; implement least-privilege access patterns for services and developers
• Configure secure data flows in S3 (encryption, lifecycle policies), VPC networking (routing, private/public subnets, NACLs), and perimeter controls (WAF/security groups/firewalls)
• Provide platform SRE support: logging, metrics, tracing, alarms, dashboards, error budgets, and incident response for shared cloud services
• Conduct architecture and threat-model reviews; track risks, decisions, and corrective actions tied to SQDC outcomes
• Partner with frontend and backend teams: expose well-documented interfaces (APIs, events, service endpoints), provision environments, and resolve cloud-side blockers
• Perform cost reviews and right-sizing; implement tagging, budgets, and alerts to optimize spend without compromising Safety or Quality

• Deep hands-on expertise in AWS core services:
  Lambda, ECS, API Gateway, Event Bridge, S3, VPC, subnets, NACLs, security groups/firewalls, Route 53, Cloud Watch/Cloud Trail
• Deep hands-on experience with Infrastructure as Code with Cloud Formation (modular stacks, nested stacks, change sets, parameters, stack policies) and IAM architecture: roles, policies, permission boundaries, service-linked roles, federation, least-privilege design, and KMS-based encryption
• Aurora Postgre
  
  SQL proficiency: schema design, performance tuning, connections, and vector search patterns for RAG workloads
• Familiarity with RAG platform engineering: embeddings pipelines, retrieval patterns, cache strategies, and collaboration with backend teams using Python/Node.js and Lang Chain
• CI/CD:
  Code Build, Code Deploy, Code Pipeline; artifact/versioning strategy, blue/green and canary deploys, rollback and drift detection
• Networking: VPC design, routing, NAT/IGW, DNS, private link/endpoints, egress patterns, and segmentation/zone models
• Observability: structured logging, metrics, tracing, alarms; SLOs/error budgets; incident management and post-incident reviews
• Security-by-design: defense-in-depth, secret management, data privacy, and compliance-aligned architectures
• Cost management: tagging standards, budgets/alerts, right-sizing, workload patterns, and storage lifecycle optimization
• Collaboration:
  
  ability to support and unblock frontend/backend developers, write clear runbooks, and coach teams on using platform capabilities safely and efficiently
• Understanding of enterprise security patterns including encryption, tokenization, data masking, compliance frameworks (SOX, GDPR, HIPAA), and access control implementation

• Excellent teamwork and communication skills to collaborate with cross-functional teams, including data scientists, analysts, and stakeholders. Ability to articulate complex technical concepts to non-technical audiences.
• Ability to showcase teamwork skills to achieve common goals, provide resolutions and share ideas.
• Ego…