Role Overview:
We are seeking a highly skilled and security-conscious Senior Infrastructure & Operations Engineer to join our Cloud Engineering NetOps team. This role focuses on designing, implementing, and maintaining secure, scalable, and compliant edge network solutions using AWS CloudFront, WAF, Shield, and Shape Security. You will also drive automation and infrastructure-as-code practices using Terraform and GitHub Actions, ensuring high availability and performance of cloud-native applications.
Positions in this function design, engineer, and manage the organization''s infrastructure and operational platforms. From a cloud services model, this includes services commonly thought of as IaaS and PaaS and their underlying foundational components. Additionally, this function also has responsibility for traditional enterprise infrastructure and operational platforms such as email, file transfer, and collaboration technologies, among others. This role must understand functional and non-functional requirements to ensure they can be achieved through system design and engineering to meet the needs of the customers. Work closely with business and technology stakeholders to develop roadmaps for their respective technology portfolios, resolve cross-system and domain dependencies, ensure effective integration among the services offered to the end customer, and efficient usage of infrastructure and operational platforms. Monitor technological advancements and industry trends to influence company standards and ensure that solutions are continuously improved and maintained through product management practices, including recommendations to invest in a solution or retirement of redundant or out-of-date systems. Understand the interactions between systems, the applications and services hosted, and evaluate the impact of changes and additions. Perform analysis on existing systems to ensure performance and reliability, enhance scalability, meet security requirements, and interoperable and maintainable technology portfolio. Generally work is self-directed and not prescribed.
Primary Responsibilities:
- Design and manage AWS CloudFront distributions, including custom caching, origin configurations, and geo-based routing
- Implement and maintain AWS WAF, Shield Advanced, and Shape Security policies to protect applications from DDoS, bot traffic, and OWASP threats
- Collaborate with security and compliance teams to enforce data protection, audit logging, and incident response standards
- Develop and maintain Terraform modules for edge services, security policies, and network configurations
- Automate deployment workflows using GitHub Actions, integrating with CI/CD pipelines and secrets management
- Monitor and optimize edge performance, latency, and error rates using CloudWatch, Datadog, or similar tools
- Participate in threat modeling, vulnerability assessments, and remediation planning
- Ensure compliance with HIPAA, SOC2, ISO27001, and internal governance frameworks
- Provide L3 support and root cause analysis for edge-related incidents and outages
- Works with less structured, more complex issues
- Serves as a resource to others
- Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so
Required Qualifications:
- Undergraduate degree or equivalent experience
- 9+ years of experience in Cloud Engineering or NetOps, with a focus on AWS edge services
- Hands-on experience with Terraform for infrastructure provisioning and policy-as-code
- Experience with monitoring and alerting tools (e.g., CloudWatch, Datadog, ELK)
- Deep expertise in AWS CloudFront, WAF, Shield, and Shape Security
- Solid understanding of network security, TLS, DNS, IP whitelisting, and bot mitigation
- Familiarity with security frameworks and compliance standards (e.g., NIST, CIS Benchmarks)
- Proficiency in GitHub, GitHub Actions, and integrating IaC into CI/CD workflows
- Proven excellent troubleshooting, documentation, and communication skills
