Principal, Infra Cloud

Job description

Principal, Infra Cloud

Tasks

- Principal lead for Infrastructure-as-Code (IaC) automation (e.g., Terraform) to control the reference architecture via IaC in order to programmatically accelerate application development teams. - Expert in modern software DevOps and CI/CD tools such as GitHub, GitLab, Jenkins, etc., to provision infrastructure resources and prevent configuration drift. - Senior technical advisor to engineering and application teams to enable the adoption of cloud best practices across the organization by focusing on broader strategic priorities for leadership. - Evaluate new technology options for cloud automation and vendor products to provide recommendations for integration into environments. - Collaborate with product, architecture, and other stakeholders to ensure cloud technologies are designed according to product roadmaps and well-structured frameworks. - Design, implement, and enforce policy-as-code (PaaC) for cloud environments (Azure, AWS) to validate, detect, remediate, and enforce security standards. - Assist in remediating security vulnerabilities using cloud posture management and ISTM tooling in accordance with service level agreements (SLA). - Manage, configure, monitor, and operate cloud security posture management platforms (e.g., WIZ, Prisma Cloud, etc.) for pre-implementation scanning of IaC code to protect infrastructure.

Requirements

- Bachelor's degree in computer science, engineering, or a related technical field - 12+ years of experience in infrastructure/platform engineering - 7+ years of experience with Azure and AWS in an enterprise environment - Expert in Terraform (modules, workspaces, status management, private registrations) - Excellent communication skills; able to create clear design documents, narratives, and proof of concept

Preferred qualifications

- Knowledge of scripting languages: Python, Perl, Bash/PowerShell, YAML, KOL, etc. - Knowledge of waterfall and Agile, Scrum, Kanban, SAFe, etc. delivery methods - Knowledge and experience in test automation harnesses and frameworks - Understanding and ability to ensure operational stability and enforcement of security controls via policy-as-code and CI/CD automation - Independent management of workload, coordination of priorities with technical leads, and delivery of outputs according to processes and standards - Ability to work independently and manage multiple tasks and projects, and maintain day-to-day management and administration of projects in an agile environment - Deep understanding of cloud networking (VPC/VNets, routing, DNS, private links/endpoints, transit firewalls), identity (Azure AD/Entra ID), IAM roles, SCPs), and Kubernetes (EKS/ACKs) - Proven experience translating financial regulatory frameworks (NYC, EU-GDPR, SOC 2, ISO 27001, NIST 800-53) into technical controls and automation - Strong knowledge of CI/CD for IaC (GitHub Actions, Azure DevOps, CodePipeline), including change management, approvals, artifact promotion, and separation of duties - Hands-on experience with security testing (Defender for Cloud Security Hub, GuardDuty, Sentinel