Title: Senior Cloud Engineer
Reports to: Chief Product Officer
Summary
The Senior Cloud Engineer serves as a vital technical leader, driving the architecture, construction, and evolution of the companys cloud infrastructure. This role is central to designing and implementing a resilient cloud environment essential for powering the business. You will collaborate across Product, Engineering, Security and Risk as a partner integral to enabling applications that will be used both internally and externally. You will be the companys cloud expert, and your input and expertise will be integral to achieving their success.
Key Responsibilities
1. Architect & Manage
Design, develop, and implement a secure, scalable, and highly available cloud platform architecture. Recommend cloud services (compute, storage, networking, database) and establish best practices for governance, security, and cost management.
Implement a robust cloud platform using Infrastructure as Code (Terraform) patterns, focusing on modularity, reusability (via modules and registries), and version control.
Design, automate, and optimize robust CI/CD pipelines that empower development teams to deploy with high velocity and safety.
Analyze usage reports to right-size compute instances (CPU/RAM/Disk) and tune architectures for lower billing.
Be the primary point of contact for cloud vendor relationships.
2. Monitor
Set up integrated observability layers combining metrics, logs, and tracing tied to specific service level goals.
Implement automated alerts for infrastructure failures and triage performance issues through monitoring analysis.
Monitor and report on monthly performance and capacity metrics and resource availability.
3. Security & Compliance
Partner with Security & Risk teams to integrate automated compliance, least-privilege IAM models, and proactive threat modeling.
Implement DevSecOps practices (CSPM, vulnerability scanning in CI/CD) to catch misconfigurations (e.g., exposed S3, overly permissive Security Groups) at the PR stage.
Design and automate complex, least-privilege IAM structures using Permission Boundaries, SCPs, and dynamic IAM role creation.
Build integrations for applications to consume dynamic, short-lived credentials and automate SSL/TLS certificate rotation.
Required Qualifications & Skills
A Bachelor's degree in a relevant field, such as Computer Science or Software Engineering, is required.
5+ years of professional experience managing enterprise-scale cloud platforms (AWS and GCP preferred).
Experience working in highly regulated environments with strict audit and compliance requirements (SOC2, FINRA).
Proven experience developing reusable infrastructure, managing state in large systems, and automating workflows/tooling using Java, JavaScript, and C#.
Proficient in Kubernetes, Docker, and GitOps; specialized in custom controllers and multi-cloud security and identity-based access.
Expertise in networking (TGW, Shared VPCs, Cloud Interconnect, DNS, BGP) and managing high-throughput data streaming (Kafka/Confluent Cloud).
Experience building monitoring stacks using Prometheus, Grafana, and distributed tracing.
Excellent communication, interpersonal, and presentation skills with the ability to explain complex data concepts to non-technical stakeholders.
Ability to work independently and collaboratively in a fast-paced environment, managing multiple priorities and projects simultaneously.
Strong problem-solving skills and attention to detail.