Cloud Infrastructure Engineer

Job Description

ResponsibilitiesJob Overview: optimize We are seeking a Cloud Infrastructure Engineer with strong Linux administration and security expertise to manage, secure, and optimise our cloud environments. The role will focus on building and maintaining a secure infrastructure while performing vulnerability assessments and penetration testing on cloud and on-premises environments. This position involves responsibilities in disaster recovery, incident management, backup planning, cost optimization, and the overall hardening of systems and networks. Key responsibilities Cloud Infrastructure Management: Design, deploy, and maintain cloud infrastructure on platforms like AWS, Azure, & Google Cloud. Manage virtual machines (VMs), networking, and storage while optimising for performance and cost-efficiency. Automate infrastructure provisioning using Infrastructure as Code (IaC) tools like Terraform or CloudFormation. Linux Administration: Perform daily Linux system administration tasks such as patching, updates, and performance tuning. Install, configure, and manage Linux-based systems and applications in cloud and hybrid environments. Automate Linux administration and operational tasks through shell scripting and configuration management tools (e.g., Ansible). Security Management & Hardening: Implement robust security measures across the cloud environment including firewalls, VPNs, IAM policies, and access controls. Continuously harden VMs, networks, and cloud configurations to mitigate security risks and enhance protection. Perform regular system audits to ensure compliance with security standards and best practices. Vulnerability Management & Penetration Testing: Conduct vulnerability assessments on cloud infrastructure, applications, and networks to identify potential weaknesses. Perform penetration testing on cloud and on-premises environments to proactively find and fix security gaps. Work with the security team to remediate identified vulnerabilities and ensure systems are secure. Document findings from penetration tests and report actionable recommendations to stakeholders. Disaster Recovery & Backup Planning: Design and implement comprehensive disaster recovery plans, ensuring data and infrastructure can be restored quickly after incidents. Create backup strategies for critical systems and ensure backups are stored securely. Test and validate recovery processes regularly to ensure the integrity of disaster recovery plans. Incident Management & System Recovery: Lead efforts to respond to incidents, troubleshoot issues, and restore systems after unexpected outages or security events. Investigate security incidents, breaches, and outages, and develop incident reports detailing the root cause and resolution. Cost Optimization & Resource Management: Monitor and manage cloud costs, implementing strategies for cost control and resource efficiency. Identify opportunities for optimization, such as rightsizing instances, auto- scaling, or optimising reserved instances. Firewall & Network Management: Configure and manage firewalls, security groups, VPNs, and network access control lists (NACLs). Secure VPCs, subnets, and other network components in cloud environments. Monitor network traffic and secure data transfers between cloud and on- premises systems. Key Skills and Qualifications: Cloud Expertise: Proficiency with cloud platforms like AWS, Azure, & Google Cloud. Hands-on experience with cloud services (compute, storage, networking, security) and managing cloud-based VMs. Knowledge of cloud security, IAM policies, and VPC configurations. Linux Administration: Strong experience managing Linux systems (RedHat, Ubuntu, CentOS) including installation, patching, and performance optimization. Automation experience with scripting (Bash, Python) and tools like Ansible or Terraform. Firewall & Network Security: Proficiency in managing and configuring firewalls, security groups, and secure network architectures. Security & Penetration Testing: Experience conducting vulnerability assessments and penetration tests on cloud infrastructure, networks, and applications. Strong knowledge of security standards and best practices, including firewall management, access controls, and encryption. Desired Certifications: AWS Certified Solutions Architect, Azure Certified Solutions Architect, or Google Cloud Professional Cloud Architect Red Hat Certified System Administrator (RHCSA) or equivalent Linux certification Certified Ethical Hacker (CEH) or Offensive Security Certified Professional (OSCP) for penetration testing Certified Information Systems Security Professional (CISSP) or Certified Cloud Security Professional (CCSP)