Enterprise Architecture Design: Architect multi-region, multi-account enterprise AWS landing zones using AWS Control Tower, AWS Organizations, and custom Service Control Policies (SCPs) tailored to complex financial enterprise structures.
Security & Compliance Realization: Build architectures that natively satisfy SOC2, PCI-DSS, ISO 27001, and Federal Reserve/SEC compliance frameworks. Implement advanced edge security, encryption-at-rest/in-transit, KMS management, and AWS Network Firewall topologies.
Infrastructure as Code (IaC): Establish global, repeatable patterns using production-grade Terraform, OpenTofu, or AWS CDK, strictly adhering to GitOps principles.
Resiliency & DR Design: Architect high-availability (HA) and disaster recovery (DR) frameworks capable of meeting strict RTO/RPO requirements for critical financial transaction systems across multiple Availability Zones and AWS Regions.
AWS ProServe Delivery: Act as an embedded subject matter expert representing client within AWS Professional Services delivery squads, ensuring flawless execution against client milestones.
Required Qualifications
Experience: 10+ years of IT engineering experience, with 4+ years dedicated to enterprise AWS architecture.
Domain Expertise: Minimum 3 years working directly within Financial Services (Banking, Trading, FinTech, Payments, or Insurance). Deep familiarity with financial compliance architectures and data sovereignty.
Technical Deep Dive: Advanced mastery of AWS Networking (VPC, Transit Gateway, PrivateLink), IAM (Resource policies, ABAC/RBAC, boundary policies), and monitoring (CloudTrail, GuardDuty, AWS Config).