Jobless Developer
FreeBalance logo
FreeBalance

Posted 3 months ago

Open

Senior AWS Platform Engineer

Krakow, PolandRemoteFull-time

AI Summary

Senior AWS Platform Engineer to design and implement a multi-account AWS architecture, focusing on security, governance, and cost management. Leads migrations, IaC with Terraform, and centralized logging/security tooling.

About this role

We are looking for a Senior AWS Infrastructure Engineer to redesign our AWS environment. The successful candidate will lead the design and implementation of a secure, scalable, multi-account AWS architecture, enable cost chargeback, and establish long-term operational best practices.
This role is infrastructure-first, requiring strong operating system, networking, and security fundamentals, in addition to deep AWS experience

Key Responsibilities:

  • AWS Architecture & Multi-Account Design
  • Design and implement a best-practice multi-account AWS architecture using AWS Organizations and Control Tower
  • Define account strategies for customers, environments (Prod / Non-Prod), and shared services
  • Establish and maintain an AWS Landing Zone aligned with security and compliance requirements
  • Reduce operational and security risk by eliminating single-account blast radius
  • Migration & Execution
  • Plan and execute phased migrations of existing workloads from a monolithic AWS account to multiple accounts
  • Minimize downtime and risk through careful migration planning, testing, and rollback strategies
  • Work closely with application and platform teams during migration and cutover
  • Infrastructure as Code & Automation
  • Codify account provisioning and baseline infrastructure using Terraform
  • Automate guardrails, networking, IAM, logging, and security controls
  • Use CI/CD pipelines to support infrastructure as code, not as an application DevOps role
  • Security & Governance
  • Design and enforce security guardrails using SCPs, IAM boundaries, and least-privilege accessImplement and manage centralized security services including CloudTrail, GuardDuty, Security Hub, and AWS Config
  • Support compliance and audit requirements (e.g. ISO 27001) through strong segregation of duties and logging
  • Networking
  • Design and operate AWS networking at scale, including:
  • VPC design and segmentation
  • Centralized networking models
  • Transit Gateway (nice to have)
  • Hybrid connectivity (VPN / Direct Connect where applicable)
  • Apply strong TCP/IP, DNS, and routing fundamentals
  • Cost Management & Chargeback
  • Implement cost monitoring, budgeting, and reporting using AWS Cost Explorer and Budgets
  • Enable cost separation and chargeback/showback per customer or account
  • Support long-term FinOps visibility as the AWS environment scales
  • Operating Systems & Infrastructure Operations
  • Apply strong Linux and/or Windows systems engineering knowledge
  • Support OS-level hardening, patching, access control, and troubleshooting
  • Understand how cloud infrastructure maps to underlying OS and network behavior

    • Required Qualifications:

  • Senior-level experience designing and operating AWS infrastructure at scale
  • Hands-on experience with AWS Organizations, Control Tower, and multi-account architectures
  • Proven experience migrating workloads from single-account to multi-account AWS environments
  • Strong Linux and/or Windows OS fundamentals
  • Strong networking fundamentals (TCP/IP, DNS, routing)
  • Infrastructure as Code using Terraform
  • Experience implementing security guardrails (SCPs, IAM, KMS)
  • Experience with centralized logging, monitoring, and security tooling
  • Experience with AWS cost management and chargeback/showback models

    • Nice to have:

  • AWS Transit Gateway and advanced networking architectures
  • Experience in regulated or compliance-driven environments (e.g. ISO 27001)
  • AWS Professional certifications (Solutions Architect Pro, DevOps Engineer Pro)
  • Experience designing long-term AWS platform or cloud foundations

    • Skills

    AWS ConfigAWS IAMAWS OrganizationsBudgetsCI/CD For InfrastructureCloudTrailControl TowerCost ExplorerDNSGuardDutyISO 27001 ComplianceKMSLanding ZoneLinuxMulti-account ArchitectureNetworking FundamentalsSCPsSecurity HubTCP/IPTerraformTransit GatewayVPC DesignVPN/Direct ConnectWindows

    Explore related jobs

    More jobs at FreeBalance

    Similar AWS Config jobs

    Browse these categories

    Remote JobsDNS JobsLinux JobsTCP/IP JobsTerraform Jobs