Senior AWS Platform Engineer

We are looking for a Senior AWS Infrastructure Engineer to redesign our AWS environment. The successful candidate will lead the design and implementation of a secure, scalable, multi-account AWS architecture
, enable cost chargeback, and establish long-term operational best practices.

This role is infrastructure-first
, requiring strong operating system, networking, and security fundamentals
, in addition to deep AWS experience.

• AWS Architecture & Multi-Account Design
• Design and implement abest-practice multi-account AWS architecture using
  
  AWS Organizations and Control Tower
• Define account strategies for customers, environments (Prod / Non-Prod), and shared services
• Establish and maintain anAWS Landing Zonealigned with security and compliance requirements
• Reduce operational and security risk by eliminating single-account blast radius
• Migration & Execution
• Plan and executephased migrationsof existing workloads from a monolithic AWS account to multiple accounts
• Minimize downtime and risk through careful migration planning, testing, and rollback strategies
• Work closely with application and platform teams during migration and cutover
• Infrastructure as Code & Automation
• Codify account provisioning and baseline infrastructure usingTerraform
• Automate guardrails, networking, IAM, logging, and security controls
• Use CI/CD pipelines to support infrastructure as code, not as an application Dev Ops role
• Security & Governance
• Design and enforcesecurity guardrailsusing
  
  SCPs, IAM boundaries, and least-privilege access
  
  Implement and manage centralized security services including
  
  Cloud
  
  Trail, Guard Duty, Security Hub, and AWS Config
• Support compliance and audit requirements (e.g. ISO 27001) through strong segregation of duties and logging
• Networking
• Design and operate AWS networking at scale, including:
• VPC design and segmentation
• Centralized networking models
• Transit Gateway(nice to have)
• Hybrid connectivity (VPN / Direct Connect where applicable)
• Apply strong
  
  TCP/IP, DNS, and routing fundamentals
• Cost Management & Chargeback
• Implementcost monitoring, budgeting, and reportingusing AWS Cost Explorer and Budgets
• Enablecost separation and chargeback/showback per customer or account
• Support long-term Fin Ops visibility as the AWS environment scales
• Operating Systems & Infrastructure Operations
• Apply strong
  
  Linux and/or Windows systems engineering knowledge
• Support OS-level hardening, patching, access control, and troubleshooting
• Understand how cloud infrastructure maps to underlying OS and network behavior

• Senior-level experience designing and operating
  
  AWS infrastructure at scale
• Hands-on experience with
  
  AWS Organizations, Control Tower, and multi-account architectures
• Proven experience migrating workloads fromsingle-account to multi-account AWS environments
• Strong Linux and/or Windows OS fundamentals
• Strong networking fundamentals(TCP/IP, DNS, routing)
• Infrastructure as Code usingTerraform
• Experience implementingsecurity guardrails(SCPs, IAM, KMS)
• Experience with centralized logging, monitoring, and security tooling
• Experience with
  
  AWS cost management and chargeback/showback models

• AWS Transit Gateway and advanced networking architectures
• Experience in regulated or compliance-driven environments (e.g. ISO 27001)
• AWS Professional certifications (Solutions Architect Pro, Dev Ops Engineer Pro)
• Experience designing long-term AWS platform or cloud foundations

We thank all applicants for their interest; however, only those selected for an interview will be contacted. Free Balance is an inclusive employer dedicated to building a diverse workforce to increase the representation of the designated groups based on each country’s legislation. We encourage applications from all qualified candidates and will accommodate applicants’ needs under the respective labour law throughout all stages of the recruitment process.