Senior Cloud Engineer (AWS)

Senior Cloud Engineer (AWS) • Role: Senior Cloud Engineer • Contract Length: 90 days total engagement • Employment Type: B2B • Workload: Full-time (100%) • Work Mode: 100% Remote • Time Zone: CET/CEST (Poland) — occasional meetings after 18:00 About the Project We are supporting a client from the medical sector in the modernisation of their AWS cloud platform. The engagement is divided into two phases: • Phase 1 (Weeks 1–6): cloud environment setup, security, governance, networking, and CI/CD foundations • Phase 2 (Weeks 7–12): backend engineering and application delivery As the Senior Cloud Engineer, you will be the primary owner of the infrastructure layer and will work directly with the client’s engineering team from day one. This is not a greenfield project. The focus is on restructuring, hardening, and standardising an existing AWS environment. The success of Phase 2 depends on completing the cloud foundation work by the end of week 6 — especially networking, identity management, and CI/CD readiness. Tech Stack Infrastructure & Networking • AWS Organizations • AWS Control Tower • Account Factory for Terraform (AFT) • VPC • Transit Gateway • Route 53 Identity & Security • IAM • AWS Identity Center (SSO) • SCPs • GuardDuty • CloudTrail • AWS Config • Security Hub IaC & CI/CD • Terraform • GitLab CI/CD • GitLab Runners • Docker • ECS / EKS • ECR Compliance & Operations • HIPAA • SOC 2 • AWS Backup • Cost Explorer • Cross-region replication Responsibilities Infrastructure & Security • Perform AWS environment inventory and align infrastructure to client standards • Design and implement hub-and-spoke networking using Transit Gateway • Consolidate identity management with AWS Identity Center, SCPs, and IAM • Configure security baseline services including CloudTrail, GuardDuty, Config, and Security Hub • Implement data access controls, backup policies, cross-region replication, and cost visibility dashboards CI/CD & Developer Enablement • Build and manage GitLab Runner infrastructure • Design CI/CD reference pipelines for multi-environment deployments • Create reusable Terraform module libraries (VPC, IAM, S3, RDS, ECS/EKS, etc.) • Implement organisation-wide guardrails and policy enforcement • Support developer onboarding with tooling and documentation Requirements Must Have • Hands-on experience with AWS Organizations, Control Tower, and Account Factory for Terraform — including independent landing zone setup • Minimum 3 years of commercial experience with Terraform (modules, remote state, workspaces) • Strong experience designing GitLab CI/CD pipelines for multi-environment deployments • Advanced AWS networking knowledge: VPC, Transit Gateway, Route 53 • Experience with IAM, AWS Identity Center (SSO), and SCPs at organisation scale • Practical experience with GuardDuty, CloudTrail, Config, and Security Hub • Familiarity with HIPAA and/or SOC 2 compliance requirements • Experience with Docker and ECS or EKS • 5+ years working with AWS, including 2+ years in Cloud / Platform Engineering roles in enterprise environments Nice to Have • Azure experience • Healthcare / medical IT background • Experience with Confluence and Jira • Cloud cost optimisation experience (Cost Explorer, tagging strategies)