* Own cloud infrastructure foundations, CI/CD and delivery automation that is secure, repeatable, and auditable in a highly regulated environment.
* You'll build pipelines that work across teams and cloud providers, integrate IaC and GitOps, and enable AI-assisted remediation: selected failures/alerts create reviewable PRs with proposed fixes, enforced by required checks, approvals, and audit trails.

What success looks like (outcomes)
* Secure, scalable cloud foundations (landing zones, networking, firewalling) deployed consistently via IaC and GitOps practices.
* Standard pipelines that reduce variance and production risk.
* Strong release governance (approvals, evidence, traceability) without slowing teams unnecessarily.
* Fast, deterministic CI with policy gates, clear failure reasons, and automation for routine fixes.
* Observability + alerting integrated with runbooks and PR-based remediation.

Key responsibilities
* Implement and operate landing zones (cloud-agnostic principles; provider-specific implementations as needed):
  o Network topology (hub/spoke or equivalent), routing, private connectivity patterns
  o Baseline security controls, guardrails, and policy enforcement
* Own networking and perimeter/security controls in collaboration with security teams:
  o Firewalls/WAF patterns, egress control, DNS strategy, private endpoints
  o Secure ingress/egress for Kubernetes and platform services
* Build and maintain CI pipelines on GitHub Actions and/or Bitbucket Pipelines:
  o Build/test/package, quality gates, artifact handling, environment promotion
  o Reusable pipeline templates and "paved road" workflows
* Implement cloud infrastructure architecture patterns