Job#: 3034306
Job Description:
Job Title: AWS Cloud Engineer III
Location: Remote (EST Hours)
Length: 6 months
Pay Range: $69-$78
JOB DESCRIPTIONCompany Overview
A major financial institution is seeking an experienced AWS Cloud Platform Engineer to support its enterprise AWS environment. The Cloud Engineering team is responsible for designing, operating, and securing the enterprise AWS cloud platform — managing 100+ AWS accounts, 250+ serverless functions, and a comprehensive infrastructure-as-code ecosystem that supports the institution's digital transformation and regulatory compliance objectives.
Position Summary
The AWS Cloud Engineering III role is a hands-on technical position focused on day-to-day cloud platform operations including AWS account lifecycle management, infrastructure provisioning, VPC networking, security controls enforcement, and operational support. The ideal candidate is a seasoned cloud engineer who thrives in a regulated enterprise environment and can independently execute complex infrastructure tasks while adhering to strict change management and compliance requirements.
Duties and ResponsibilitiesInfrastructure Operations & Account Lifecycle
· Provision and manage AWS accounts, services, and decommissioning within AWS Organizations
· Perform VPC provisioning, upgrades, and configuration management using Terraform
· Manage Transit Gateway attachments, route table configurations, and cross-account network connectivity
· Support compute infrastructure including EC2 fleet management, Auto Scaling Groups, and load balancer configurations
· Fulfill infrastructure change requests through ITSM processes and formal change management
Infrastructure as Code (IaC)
· Develop, maintain, and troubleshoot Terraform configurations for AWS infrastructure provisioning
· Work within Terraform Cloud workspaces with policy-as-code enforcement
· Leverage and contribute to internal Terraform modules, guardrails and standardized workflows
Security & Compliance
· Implement and maintain Service Control Policies (SCPs), IAM policies and least privilege access models
· Enforce encryption and data protection standards (EBS, RDS, S3, KMS)
· Triage and remediate findings from cloud security posture management (CSPM) tools, vulnerability scans, and drift detection
· Manage VPC endpoint configurations, PrivateLink connectivity, and network security controls
Monitoring, Cost Management & Operational Support
· Monitor and respond to alarms, security findings, and AWS Config rule violations
· Support FinOps practices including cost/budget monitoring and enforcement, and resource optimization recommendations
· Participate in on-call rotation for cloud platform support
· Collaborate with application teams, security, and enterprise architecture stakeholders
Documentation & Knowledge Management
· Maintain operational runbooks, SOPs, and technical documentation
· Document infrastructure decisions, configurations, troubleshooting procedures, and customer support guides
Minimum Knowledge, Skills, and Abilities RequiredRequired Experience (Must-Haves)
· 5 – 10 years of hands-on experience in cloud infrastructure engineering (AWS-focused)
· Demonstrated experience with Terraform (HCL) and IaC lifecycle management
· Deep working knowledge of AWS core services: VPC, EC2, Lambda, S3, RDS, IAM, KMS, CloudWatch, CloudTrail, Route 53, API Gateway, ELB (ALB/NLB), Transit Gateway
· Experience operating multi-account AWS environments using AWS Organizations and SCPs
· Proficiency in IAM policy design, cross-account access patterns, and least-privilege principles
· Experience with CI/CD pipelines (Terraform Cloud, Jenkins, GitHub Actions, or equivalent)
· Experience with Git-based workflows (branching strategies, pull requests, code reviews) in GitHub Enterprise or similar
· Experience working in regulated or enterprise environments with formal change management (ServiceNow or equivalent ITSM)
· Strong troubleshooting and problem-solving skills for complex, multi-account AWS environments
· Excellent written and verbal communication skills; ability to produce clear technical documentation
EEO Employer
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law.
Everforth Apex Benefits Overview: Everforth Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Everforth Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Everforth Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Everforth Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our ‘Welcome Packet’ as well, which an Everforth Apex team member can provide.
VEVRAA Federal Contractor.
We request Priority Protected Veteran & Disabled Referrals for all of our locations within the state.
