Sr. Cloud Engineer | AWS Landing Zone Build & Migration (ECS/Fargate, CloudFormation)

job location

Location

Remote

About Us

We are working with a highly regulated, CMMC Compliant environment. We are seeking only US Citizens for consideration for this role.

We're building a production-ready AWS landing zone and executing a Wave 1 migration of five applications as part of a Microsoft-to-AWS modernization. The target architecture uses ECS/Fargate for containerized .NET services, RDS SQL Server Multi-AZ, S3 + CloudFront for Angular frontends, and an AWS Landing Zone Accelerator foundation aligned to CMMC Level 2 / NIST SP 800-171. Infrastructure is provisioned with CloudFormation (LZA is CloudFormation-native), with CI/CD through GitHub Actions.

Role Overview

You'll work alongside a Cloud Architect who owns the design; you'll own the hands-on implementation and migration execution.

Key Responsibilities

  • Deploy and configure the AWS Landing Zone Accelerator and align AWS Organizations / account structure.
  • Provision infrastructure with CloudFormation - networking (VPCs, subnets, routing), Transit Gateway hub-and-spoke, and hybrid connectivity.
  • Implement identity and access: IAM Identity Center (SSO) integration with Entra ID and base IAM roles (including break-glass).
  • Stand up logging, monitoring, and security baselines (CloudTrail, CloudWatch, AWS Config, Security Hub, GuardDuty, KMS encryption, Security Groups, Network Firewall).
  • Build CI/CD pipelines in GitHub Actions for infrastructure and application deployments.
  • Containerize .NET services to ECS/Fargate, deploy Angular SPAs to S3/CloudFront, and migrate databases to RDS SQL Server Multi-AZ.
  • Execute test migrations and Wave 1 cutover; validate functionality, performance, and connectivity (including OIDC/auth flows); set up alerting and operational runbooks.

Mandatory Requirements (Non-Negotiable)

  • 6+ years cloud engineering with strong, current hands-on AWS delivery experience.
  • CloudFormation (production IaC); LZA experience a strong plus.
  • ECS/Fargate and container workflows (Docker); RDS SQL Server (Multi-AZ) migration.
  • AWS networking: VPC, Transit Gateway, security groups, VPN/Direct Connect.
  • IAM / IAM Identity Center (SSO), Entra ID integration.
  • CI/CD with GitHub Actions; scripting (PowerShell/Bash/Python).
  • Observability and security tooling: CloudWatch, CloudTrail, Config, Security Hub, GuardDuty, KMS.

Nice to Have

  • Containerizing .NET (Framework + modern .NET) / IIS apps.
  • CMMC Level 2 / NIST SP 800-171 environments.
  • S3/CloudFront hosting for Angular SPAs; AWS Backup; multi-region DR replication.

Engagement Details

  • Roughly 230–250 hours, starting around week 3 and running through the 8-week Mobilize & pilot phase. Ramps from ~50% to full-time during build and migration.
  • Remote.

Apply for This Role

Please include:

  • A recent AWS landing zone or migration you implemented (CloudFormation + ECS/Fargate especially relevant).
  • Your AWS certifications.
  • A brief note on relevant .NET/SQL Server containerization or migration work.
  • Your hourly rate and weekly availability.

Proof of US Citizenship is required.

Job Type: Hourly
Job Location: Remote

Apply for this position

Allowed Type(s): .pdf, .doc, .docx