Infrastructure Architect

To acquire the advantage, we are seeking an Infrastructure Architect to lead the design and buildout of a standardized, secure, and scalable cloud platform (NGSC).NGSC (Next Generation Secure Cloud) refers to a modern, enterprise cloud environment built on AWS that includes standardized networking, security controls, CI/CD integration, infrastructure automation, and guardrails to support multiple applications and programs in a consistent and compliant way.This role will own the end-to-end architecture from network and security layers through CI/CD and developer enablement.Key Responsibilities:Lead design and implementation of NGSC, including VPC architecture, segmentation, routing, and secure connectivityDefine and implement infrastructure guardrails to enforce security, compliance, and standardization across all programsOwn GitLab architecture, including pipeline standards, runner strategy, and version upgradesStandardize Infrastructure as Code using OpenTofu or Terraform, including reusable modules and templatesDesign high availability and disaster recovery strategies using multi-AZ and multi-region architecturesEstablish secure access patterns using AWS Workspaces, Zscaler, and other Zero Trust solutionsDefine end-to-end connectivity from network edge (Palo Alto firewalls, ingress/egress) through AWS to application accessEstablish automated onboarding for new applications into the platformIntegrate security scanning and compliance checks into CI/CD pipelinesDefine observability standards across logging, monitoring, and alertingRequired Qualifications:10+ years of experience in infrastructure engineering or architectureStrong hands-on experience with AWS architecture, including VPC design, IAM, EC2, RDS, and networkingProven experience designing and implementing multi-AZ and multi-region architectures for high availability and resilienceStrong experience with CI/CD platforms, preferably GitLabHands-on experience with Infrastructure as Code (Terraform or OpenTofu)Strong understanding of networking, firewalls, and secure connectivityExperience building platforms that support multiple applications and teamsStrong understanding of DevSecOps practices and automationNice to Have:Experience with AWS Workspaces or similar virtual desktop solutionsExperience with Zscaler or other Zero Trust network access solutionsExperience integrating Palo Alto firewalls or similar network security toolsExperience in federal or regulated environmentsWhat Success Looks LikeNGSC is fully established with standardized architecture and guardrailsAll applications are onboarded through consistent CI/CD pipelinesInfrastructure is reusable through IaC modules, reducing duplicationHigh availability is achieved through proper multi-AZ and multi-region designSecure access is enforced through Zero Trust patternsReduced operational overhead and improved system visibilityLocation: RemoteClearance: Ability to obtain Tier 4 Public trust.