We are looking for an experienced DevOps Engineer. The role will focus on designing, building and supporting our client to deploy secure, automated, and compliant cloud infrastructure on AWS, with a strong emphasis on Infrastructure as Code (Terraform).
This role will be responsible for producing reusable Terraform templates that deploy infrastructure into client-owned AWS environments, supporting Databricks platforms and GitHub-based CI/CD pipelines. All solutions must meet SOC 1 compliance requirements and align with client security and governance standards.
Key Responsibilities
Infrastructure & Cloud Engineering
- Design and implement AWS infrastructure using Terraform, following IaC best practices.
- Build modular, reusable Terraform templates for deployment into multiple client AWS accounts.
- Support the client on provision and manage Databricks infrastructure on AWS (e.g. workspaces, clusters, networking, security configuration).
- Ensure infrastructure designs are scalable, resilient, cost-efficient, and secure.
CI/CD & Automation
- Design and maintain CI/CD pipelines (or equivalent) for:
- Infrastructure deployment via Terraform
- Databricks code deployment
- Integrate infrastructure pipelines with client GitHub repositories and workflows.
- Implement automated validation, testing, and approvals within pipelines.
Security, Risk & Compliance (SOC 1)
- Ensure all infrastructure and deployment processes comply with SOC 1 control requirements, including:
- Change management
- Access controls
- Segregation of duties
- Audit logging and traceability
- Implement secure IAM roles, least-privilege access, secrets management, and encryption.
- Produce and maintain documentation to support audits and client assurance activities.
Client Delivery & Collaboration
- Work closely with data engineers, analytics engineers, and solution architects.
- Support deployments into client-managed AWS environments, respecting client security policies and constraints.
- Provide clear handover documentation and operational guidance to clients where required.
