Platform Engineer

Join to apply for the Platform Engineer role at American Fidelity
.

We’re looking for a Cloud Engineer with strong AWS experience to design, secure, and operate our multi‑account cloud environment. You’ll implement security best practices, automate infrastructure, and build resilient, scalable services across core AWS platforms.

• The Platform Engineer demonstrates skill in designing, implementing, and maintaining platform systems, with expertise in platform‑specific programming languages, database management, and system administration while ensuring compliance with technical standards.
• The Platform Engineer is responsible for providing support and troubleshooting for our platform systems. They work closely with all relevant subject matter experts, stakeholders, and other IT professionals to identify and resolve technical issues.
• The Platform Engineer independently resolves complex issues and is proactive in identifying areas for improvement, developing solutions to address technical debt, and ensures that our platform systems are stable and performant within the software team.
• Security & governance: Implement AWS security controls and monitoring (Cloud Trail, Guard Duty, Security Hub), enforce Service/Resource Control Policies (SCPs/RCPs), and drive guardrails across accounts.
• Organizations & multi‑account architecture: Build and manage AWS Control Tower, Landing Zones, and AWS Organizations; automate account provisioning and guardrails with Cloud Formation.
• Identity & access: Design least‑privilege IAM (roles, permissions), integrate SSO / IAM Identity Center, and use IAM Access Analyzer to reduce risk.
• Service engineering: Configure and operate S3/Glacier, API Gateway, Lambda, Dynamo
  
  DB, Amazon Connect, VPC, KMS, and other AWS services to deliver secure, reliable workloads.
• Automation & ops: Use Infrastructure‑as‑Code (Cloud Formation) and scripting to automate deployments, controls, and configuration drift detection.

• Hands‑on AWS experience across security, organizations/multi‑account, IAM, and core service configurations.
• Proficiency with Cloud Formation and scripting (e.g., Python/Power Shell) for automation and compliance.
• Solid understanding of VPC networking, encryption/KMS, logging/monitoring, and least‑privilege design.
• Strong collaboration and documentation skills; ability to turn requirements into secure, automated solutions.

Cloud Trail, Guard Duty, Service Control Policies, Resource Control Policies, Security Hub, etc.

Control Tower, Landing Zones, Guardrails, AWS Organization, Cloud Formation Stacks, and architecture for multi‑account environments.

IAM Roles, IAM Permissions, SSO Integrations, IAM Identity Center, IAM Access Analyzer.

S3, Glacier, API Gateway, Lambda, Dynamo

DB, AWS Connect, VPC, Key Management Service, and others.

Associate

Full-time

Information Technology

Insurance