Job Description

Mandatory Criteria (Can't be neglected during screening) :

- Looking only for immediate joiners or candidates with a notice period of 15 days.

- Should have created more than 200 or 300 accounts from scratch using Control Tower or AWS services.

- Should have at least 7 years of working experience in AWS.

- AWS multi-account setup (Control Tower/Organizations)

- VPC design and networking (Transit Gateway, Private Endpoints, routing, firewalls)

- IAM policies, role-based access control, and security hardening

- Database provisioning (RDS, Aurora, DynamoDB)

- Proficiency in Terraform and AWS CloudFormation.

- Hands-on experience with scripting (Python, Bash, PowerShell).

- Experience with CI/CD pipelines and automation tools.

The first 3 months will be remote (with office timings: 4:30 PM to 1:30 AM).

After 3 months, the role will be WFO (with standard office timings).

Role Overview :

We are seeking a highly skilled and hands-on AWS Cloud Architect with a proven ability to design, build, and manage cloud infrastructure from the ground up. This is not a role for someone who merely consumes or maintains existing services; it demands a true AWS builder mindset, capable of architecting enterprise-grade, multi-account cloud environments that meet the highest standards of scalability, security, and performance.

As an AWS Cloud Architect, you will be responsible for end-to-end cloud ecosystem design, from foundational networking and identity governance to database provisioning, automation, and compliance. You will be at the forefront of defining how cloud infrastructure is structured, automated, and optimized across business units. This role is critical to building a secure, high-performing, and cost-efficient AWS foundation that supports all technology initiatives within the organization.

You will work closely with cross-functional teams including DevOps, Security, Data Engineering, and Application Development to ensure architectural consistency and alignment with business goals. The ideal candidate will possess a deep understanding of AWS services, a solid background in Infrastructure as Code (IaC), and the ability to turn architectural blueprints into operational reality.

Key Responsibilities :

1. AWS Environment Provisioning :

- Architect and build AWS environments from scratch, applying AWS best practices and the Well-Architected Framework.

- Design and implement multi-account AWS organizations using AWS Control Tower and AWS Organizations for centralized governance and cost management.

- Configure and manage VPC networks, including subnets, route tables, Transit Gateway, Private Endpoints, and firewalls for secure interconnectivity.

- Provision and manage AWS databases such as Amazon RDS, Aurora, and DynamoDB with a focus on performance tuning, fault tolerance, and backup/recovery strategies.

- Handle end-to-end account lifecycle management including IAM users, roles, policies, access keys, and federated identity management via SSO or IAM Identity Center.

- Ensure proper network isolation, traffic flow control, and secure data movement between on-premise systems and AWS using VPNs or Direct Connect.

2. Infrastructure as Code (IaC) :

- Develop, deploy, and manage infrastructure using Terraform and AWS CloudFormation, ensuring repeatable, version-controlled, and auditable deployments.

- Create reusable modules and templates for networking, compute, and security configurations that can be leveraged across projects.

- Automate provisioning of VPCs, IAM policies, and security groups, reducing manual errors and improving deployment consistency.

- Maintain IaC repositories within Git-based systems (GitHub, GitLab, Bitbucket) and enforce best practices for branching, versioning, and pull requests.

- Collaborate with teams to implement immutable infrastructure principles, enabling rapid environment setup and teardown.

3. Security and Compliance :

- Apply AWS security best practices across identity management, encryption, and logging. Implement the principle of least privilege (PoLP) and multi-factor authentication (MFA).

- Manage compliance automation and continuous monitoring using AWS Config, GuardDuty, Security Hub, and AWS CloudTrail.

- Build security baselines and enforce policies through Service Control Policies (SCPs) and IAM Access Analyzer.

- Design encryption strategies using AWS KMS for data at rest and in transit.

- Implement secure secret management using Vault, AWS Secrets Manager, or Parameter Store.

- Partner with InfoSec and compliance teams to ensure infrastructure adheres to standards such as ISO 27001, SOC 2, and GDPR.

4. Automation and CI/CD Integration :

- Develop automation scripts using Python, Bash, or PowerShell to handle AWS resource management, log analysis, and configuration updates.

- Integrate infrastructure deployments into CI/CD pipelines using Jenkins, GitHub Actions, or GitLab CI/CD, promoting continuous delivery of infrastructure changes.

- Implement automated validation of IaC templates and configuration compliance before production deployments.

- Work closely with DevOps teams to streamline code deployments, configuration rollouts, and environment provisioning through pipelines.

5. Monitoring, Performance, and Optimization :

- Deploy and manage monitoring solutions such as Amazon CloudWatch, Prometheus, and Grafana to track system health, latency, and utilization.

- Build automated alerting and dashboards to provide real-time visibility into the infrastructure state.

- Continuously analyze and optimize cost across AWS accounts using AWS Cost Explorer and Trusted Advisor recommendations.

- Monitor performance metrics and implement auto-scaling strategies to ensure availability during variable workloads.

- Conduct root cause analysis (RCA) for infrastructure incidents and drive long-term preventive improvements.

Required Skills and Experience :

- Minimum 10 years of experience in Cloud Engineering, with at least 7 years focused on AWS architecture, provisioning, and automation.

Deep expertise in :

- AWS multi-account setup (Control Tower, Organizations, Service Catalog)

- Networking and VPC design (Transit Gateway, routing, subnets, firewalls)

- IAM and security hardening (roles, policies, SCPs, KMS encryption)

- Database provisioning (RDS, Aurora, DynamoDB, parameter tuning)

- Strong proficiency in Terraform and AWS CloudFormation for IaC management.

- Hands-on experience with Python, Bash, or PowerShell scripting for automation and configuration management.

- Familiarity with CI/CD pipelines and infrastructure automation tools (Jenkins, GitHub Actions, GitLab CI/CD).

- Proficient in using monitoring tools like CloudWatch, Prometheus, and Grafana for proactive alerting and performance optimization.

- Strong understanding of AWS Well-Architected principles across Security, Reliability, Performance Efficiency, Cost Optimization, and Operational Excellence.

Preferred Certifications :

- AWS Certified Solutions Architect - Professional

- AWS Certified DevOps Engineer - Professional

- HashiCorp Certified: Terraform Associate

Holding any of these certifications demonstrates your deep technical competence and hands-on expertise in managing complex AWS ecosystems at scale.
