Assoc Manager - Cloud Engineering

Overview

Senior Cloud Engineer

AWS

Azure

• Cloud Services: AWS (EC2, S3, ALB, Route 53, RDS, EKS, ECS, Fargate)
• Containerization: Docker, Kubernetes
• Databases: MySQL, Cassandra, MongoDB, DocumentDB
  

• Implementing end-to-end encryption for secure data transmission
• Optimizing CI/CD pipelines using Terraform, Git, and ArgoCD
• Ensuring systems are secure, scalable, and highly available
  

cross-functional teams

Responsibilities

Cloud Infrastructure Management

• Design, deploy, and manage AWS infrastructure using services like EC2, S3, Application Load Balancer (ALB), Target Groups, Route 53, and Private Hosted Zones for DNS resolution within VPCs.
• Implement and maintain end-to-end encryption for data in transit, including SSL offloading at ALB and re-encryption to backend targets (e.g., EC2, ECS, EKS) using AWS Certificate Manager (ACM) for SSL/TLS certificates.
• Configure secure SSL ciphers and protocols (e.g., TLS 1.2/1.3) to meet compliance requirements (e.g., PCI DSS, HIPAA).
• Set up and manage RDS (MySQL, SQL Server) for relational databases, including database backups and restores using automated snapshots and point-in-time recovery.
• Deploy and manage NoSQL databases like Cassandra, MongoDB, and AWS DocumentDB for high-performance, scalable data storage.
  

Containerization and Orchestration

• Deploy and manage containerized Java applications using Amazon EKS (Kubernetes) and Amazon ECS (with Fargate for serverless container management).
• Develop and maintain Docker images for Java-based microservices, ensuring secure and optimized container configurations.
• Integrate Kafka for event-driven architectures, configuring producers, consumers, and topics for real-time data streaming.
• Ensure secure communication for Kafka clusters using SSL/TLS within AWS environments.
  

Infrastructure as Code (IaC) and Automation

• Write and maintain Terraform scripts to provision and manage AWS resources (e.g., VPCs, ALB, EC2, RDS, EKS, ECS, Route 53, S3).
• Implement CI/CD pipelines using Git, AWS CodePipeline, AWS CodeBuild, and ArgoCD for automated deployment of Java applications to EKS/ECS clusters.
• Develop reusable pipeline templates for consistent deployments across development, staging, and production environments.
• Automate infrastructure provisioning and application deployments using GitOps principles with ArgoCD.
  

Security and Compliance

• Implement end-to-end encryption for internal and external traffic, ensuring HTTPS for all communications within the AWS environment (e.g., ALB to EC2/ECS/EKS, database connections).
• Configure ACM for managing SSL/TLS certificates and integrate with ALB, CloudFront, and Route 53 for secure domain routing.
• Secure Cassandra, MongoDB, and DocumentDB with SSL/TLS for client-to-node and internode communication.
• Work with security teams to enforce encryption standards and validate compliance using AWS tools like CloudTrail and CloudWatch.
  

Application Deployment and Optimization

• Deploy and optimize Java-based applications (e.g., Spring Boot, Java EE) on EC2, ECS, or EKS, ensuring high availability and scalability.
• Configure ALB with Target Groups to route traffic to Java applications, implementing health checks and load balancing strategies.
• Optimize performance for Kafka, Cassandra, and MongoDB in production environments, including schema design and cluster configuration.
  

Monitoring and Troubleshooting

• Monitor infrastructure and applications using AWS CloudWatch, setting up alarms and dashboards for EC2, RDS, EKS, and ECS.
• Troubleshoot issues related to SSL/TLS configurations, database performance, and application deployment failures.
• Ensure robust backup and restore strategies for RDS, Cassandra, MongoDB, and DocumentDB to minimize data loss and downtime.
  

Collaboration and Communication

• Collaborate with platform, infra, and business teams to align on project requirements, cost estimates, and timelines (e.g., as discussed in LATAM and SUK market setups).
• Provide technical guidance to stakeholders, ensuring clear communication on infrastructure changes and security implementations.
• Document processes, configurations, and pipeline templates for knowledge sharing and compliance.
  

Qualifications

Technical Expertise

• 8+ years of experience with AWS services: EC2, S3, ALB, Target Groups, Route 53, Private Hosted Zones, RDS (MySQL, SQL Server), EKS, ECS, Fargate, ACM.
• Strong knowledge of SSL/TLS, including SSL offloading and SSL ciphers for securing data in transit.
• Hands-on experience with Docker and Kubernetes (EKS) for containerized deployments.
• Proficiency in Terraform for Infrastructure as Code and Git for version control.
• Experience building CI/CD pipelines using AWS CodePipeline, CodeBuild, or ArgoCD.
• Expertise in Java-based application deployment (e.g., Spring Boot, Java EE) on AWS.
• In-depth knowledge of Kafka for event streaming, Cassandra, MongoDB, and AWS DocumentDB for NoSQL database management.
• Familiarity with RDS backup and restore processes, including automated snapshots and point-in-time recovery.
  

Additional Requirements

• Experience configuring end-to-end encryption for internal network traffic (e.g., ALB to backend, database connections) using HTTPS and SSL/TLS.
• Ability to optimize Cassandra and MongoDB clusters for performance and scalability, including schema design and SSL configuration.
• Knowledge of GitOps workflows using ArgoCD for Kubernetes-based deployments.
• Strong understanding of VPC networking, security groups, and private subnets for secure AWS architectures.
  

Soft Skills

• Excellent problem-solving skills and attention to detail.
• Strong communication skills to coordinate with cross-functional teams (e.g., platform, infra, security, and business teams).
• Ability to work in a fast-paced environment and manage multiple priorities.