Cloud AWS Engineer, GESS - Global Capability Center
Indexed description
The Team
We are looking for an experienced and driven AWS professional to join our engineering team in a combined Senior Cloud Engineer and even some Cloud Architect capacity. This is a high-impact, dual-function role that sits at the heart of our cloud strategy — you will be both a hands-on builder and a strategic thinker. Day-to-day, you will design and maintain our AWS infrastructure, lead cloud architecture decisions, and set the technical standards that guide the wider engineering organisation. You will work closely with software engineers, security teams, and senior stakeholders to ensure our cloud platform is secure, scalable, cost-efficient, and aligned with business goals. This role suits an engineer who has grown beyond pure execution and is ready to take ownership of architecture and governance, while remaining close to the technology, and ideally has worked in both AWS and Azure clouds. .
How You Will Contribute
- Engineering & Infrastructure:
- Infrastructure as Code – Design, build, and maintain infrastructure using Terraform, AWS CloudFormation, or AWS CDK.
- CI/CD Pipelines – Deliver and manage automated deployment pipelines using AWS CodePipeline, GitHub Actions, or Jenkins.
- Monitoring & Observability – Implement monitoring, alerting, and logging using CloudWatch, Datadog, Grafana, or similar.
- Incident Response – Lead root cause analysis and resolution of production incidents; contribute to on-call rotations.
- Documentation – Maintain up-to-date architecture diagrams, runbooks, and decision records.
- Architecture & Design:
- Cloud Architecture Vision – Own the end-to-end architecture strategy, defining reference patterns and guardrails used across all teams.
- Well-Architected Reviews – Conduct and facilitate AWS Well-Architected Reviews across the five pillars: operational excellence, security, reliability, performance, and cost.
- Technology Evaluation – Assess and recommend new AWS services and third-party tooling, balancing innovation with operational stability.
- Cloud-Native Patterns – Drive adoption of event-driven architecture, microservices, serverless, and twelve-factor design principles.
- Governance & Security
- Cloud Governance – Establish and enforce governance frameworks — account structures, landing zones, tagging policies, and guardrails via AWS Control Tower and AWS Organisations.
- Security Architecture – Own the cloud security posture, designing zero-trust network models, identity federation strategies, and data protection controls.
- Compliance – Ensure compliance with relevant frameworks including SOC 2, ISO 27001, GDPR, and HIPAA/PCI-DSS where applicable.
- Threat Modelling – Lead architecture security reviews and threat modelling for new systems.
- Cost, Performance & Strategy
- FinOps – Own the cloud spend strategy, partnering with finance and engineering to set budgets, track usage, and drive continuous optimisation.
- Performance at Scale – Design for resilience and low latency, including multi-region architectures and disaster recovery planning.
- Stakeholder Engagement & Leadership
- Executive Communication – Translate complex cloud trade-offs into clear guidance for C-suite and non-technical stakeholders.
- Cross-Functional Collaboration – Partner with product, data, and security teams to align cloud architecture with broader business goals.
- Vendor Management – Represent the engineering organisation in relationships with AWS and third-party partners.
- Mentorship – Coach
- This is a senior, dual-function role. Candidates should bring both strong engineering fundamentals and the ability to operate at an architectural and strategic level.
- 7+ years in cloud engineering, DevOps, or infrastructure roles, with at least 4 years focused on AWS (some Azure skills will be beneficial)
- Proven experience delivering and architecting large-scale, production AWS environments across multiple accounts and regions.
- Background in both hands-on infrastructure work and architecture-level decision making.
- Some Azure experience is an advantage
- Deep knowledge of core AWS services: EC2, ECS/EKS, Lambda, S3, RDS/Aurora, VPC, IAM, Route 53, CloudFront, SQS/SNS.
- Expert-level AWS networking: Transit Gateway, VPC peering, Direct Connect, PrivateLink, DNS, TLS, and load balancing.
- Strong Infrastructure as Code proficiency — Terraform preferred; CloudFormation or CDK also valued.
- Containerisation and orchestration: Docker, Kubernetes/EKS.
- Cloud security architecture: IAM, SCP, KMS, Secrets Manager, GuardDuty, Security Hub, WAF.
- Multi-account AWS strategies using Organisations, Control Tower, and Service Catalog.
- Proficiency in at least one scripting or programming language: Python, Bash, or Go.Must be able to maintain confidentiality.
- Excellent written and verbal communication; able to present to both technical teams and senior leadership.
- Strong analytical thinking and the ability to make sound decisions under pressure.
- Experience mentoring engineers and influencing technical culture.
Culture & Values
At Alvarez & Marsal, our core values of Integrity, Quality, Objectivity, Fun, Personal Reward, and Inclusive Diversity guide everything we do, shaping a culture rooted in entrepreneurship, impact, and integrity. We trust our people to take ownership early, contribute to meaningful challenges, and drive results that matter. We empower growth and champion diverse perspectives. Above all, we value doing the right thing. For those ready to roll up their sleeves, lead with integrity, and be difference makers, this is where it starts.
Equal Opportunity Employer
It is Alvarez & Marsal’s practice to provide and promote equal opportunity in employment, compensation, and other terms and conditions of employment without discrimination because of race, color, creed, religion, national origin, ancestry, citizenship status, sex or gender, gender identity or gender expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, family medical history, genetic information or other protected medical condition, political affiliation, or any other characteristic protected by and in accordance with applicable laws. Employees and Applicants can find A&M policy statements and additional information by region here.
Unsolicited Resumes from Third-Party Recruiters
Please note that as per A&M policy, we do not accept unsolicited resumes from third-party recruiters unless such recruiters are engaged to provide candidates for a specified opening. Any employment agency, person or entity that submits an unsolicited resume does so with the understanding that A&M will have the right to hire that applicant at its discretion without any fee owed to the submitting employment agency, person or entity.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search