DevOps Engineer - AWS

DevOps Engineer - AWS (6-8 Years Experience)

Role Overview

Key Responsibilities

1. AWS Infrastructure Engineering

• VPC, Subnets, NAT, Security Groups, NACLs

• EC2, ECS/Fargate, EKS

• Lambda serverless workloads

• RDS (MySQL/PostgreSQL), DynamoDB, ElastiCache (Redis)

• S3 (with versioning, replication, lifecycle rules)

• API Gateway, Application Load Balancer, NLB

• AWS WAF, CloudFront

• Secrets Manager & KMS

• CloudWatch, CloudTrail, Config

2. CI/CD & Automation

• Build scalable CI/CD pipelines using:

• AWS CodePipeline, CodeBuild, CodeDeploy

• OR

  GitHub Actions / Bitbucket Pipelines

• Automate deployments for:
• Node.js / Express services
• React/Next.js frontends
• Container workloads
• Implement:
• Blue/Green & Canary deployments
• Automated rollback strategies
• Secretless pipeline execution (AWS IAM roles)

3. Infrastructure as Code (IaC)

• Author, modularize, and maintain IaC using:

• Terraform

  (preferred)
• or AWS CloudFormation
• Manage remote state, workspaces, environment-specific variables.
• Ensure resources follow Well-Architected Framework, cost tagging, and naming standards.

4. Security, Compliance & Best Practices

Key Responsibilities

• Enforce

  IAM best practices

  :
• No long-lived credentials
• Role-based access ONLY
• Cross-account IAM roles where required
• Harden VPC, SGs, NACLs, encryption policies.
• Enforce

  private access patterns

  :
• VPC Endpoints for S3, DynamoDB, Secrets Manager
• No public internet exposure unless required
• Set up

  AWS WAF

  & Shield protections.
• Enable

  CloudTrail, GuardDuty, Security Hub

  .
• Implement

  KMS encryption

  across services.
• Apply CIS benchmarks for EC2, EKS, IAM, RDS.
• Automate vulnerability scanning with Amazon Inspector or third-party tools.

5. Observability, Logging & Reliability

• Set up CloudWatch metrics, logs, alarms, dashboards.
• Implement structured logging (JSON-based) for microservices.
• Configure distributed tracing (X-Ray).
• Define SLIs/SLOs and error budget monitoring.
• Implement auto-scaling for ECS/EKS/EC2 based on usage patterns.

6. Containers & Microservices

• Architect and maintain workloads on:

• ECS (Fargate/EC2)

• EKS (Kubernetes)

• Optimize Docker images (multi-stage builds, caching).
• Implement service mesh (App Mesh, Istio on EKS) preferred but optional.
• Utilize AWS App Mesh, Parameter Store, or Secret Manager for secure config injection.

7. Collaboration & Delivery

• Work closely with architects, developers, and project managers.
• Participate in design reviews and ensure infra aligns with AWS best practices.
• Support production releases, DR drills, capacity planning, and RCAs.
• Mentor junior DevOps engineers in the Kochi team.

Required Skills & Experience

Core Skills

• 6-8 years hands-on AWS DevOps experience
• Strong expertise in:

• Terraform

  (mandatory)

• EC2, ECS, EKS, Lambda

• API Gateway, ALB/NLB

• VPC, Route 53, IAM, WAF

• RDS, DynamoDB, ElastiCache

• GitHub Actions or AWS CodePipeline

• ECR, Docker, container deployment patterns

Security Skills

• Deep understanding of:
• IAM role-based access
• Encryption at rest/in transit
• PrivateLink & VPC Endpoints
• WAF, GuardDuty, Security Hub
• KMS, Secrets Manager
• AWS Organizations & SCPs (nice to have)

Soft Skills

• Strong problem-solving & debugging skills
• Excellent communication with global teams
• Ability to manage simultaneous projects
• Strong documentation and ownership mindset

Nice-to-Have Skills

• Experience with:
• EKS service mesh
• GitOps (ArgoCD/Flux)
• AWS Step Functions
• EventBridge patterns
• AWS SQS/SNS/Kinesis
• Serverless Framework
• FinOps & cost optimization strategies
• AI integrations (Bedrock, Sagemaker)
• Certifications:

• AWS Solutions Architect - Associate/Professional

• AWS DevOps Engineer - Professional