AWS Infra Architect

Support the migration process of ADW On-premise to AWS cloud.

Platform support for Prod, QA, and Dev environments. Please refer to Exhibit B for Environment details.

Configure, maintain, and support Control Tower AWS Organizations to manage AWS accounts.

Configure and maintain PrivateLink in AWS environments.

Apply security and environment-related patches to EC2 machines based on approval.

Troubleshoot issues related to scope of MSP support components (VPCs, EC2s, S3, EBS).

After resolution of issues, create RCA (Root Cause Analysis) documents with remediation steps and preventative actions.

Manage change requests and problem management.

Manage storage, including EBS volumes and server management.

Create and manage S3 buckets, and optimize S3 / Glacier lifecycle policies.

Collaborate with InfoSec to implement security mechanisms, including deploying security rules with hardware and software security solutions.

Maintain AWS best practices and CIS benchmarks above 90% compliance.

Implement and maintain security control policies and guardrails as per Control Tower and compliance requirements.

Support IAM matrix for user access to Data Lake post-migration.

Analyze and support WLM (Workload Management) of jobs based on new migration setup.

Configure/support Config Rules and Alerts based on S3 / Glacier utilization and Redshift.

Review database usage and provide analysis for system improvements in conjunction with Redshift and Data Lake.

Configure/support EKS for development projects.

Recommend cost optimization measures for storage services, especially Redshift.

Support tuning and optimization of Redshift database performance and security incident response.

Collaborate with IT Ops for incident management activities.

Integrate CloudTrail with SIEM and coordinate with cybersecurity teams for security alerts.

Support resolution of database connectivity issues, escalating complex issues to the DB team.

Conduct vulnerability assessments using AWS Inspector monthly, and coordinate patching and remediation with relevant teams.

Support ETL and data modeling on AWS, with expertise in Redshift and database concepts.

Support security and monitoring of Lambda, Glue, Step Functions, and VPC related to Data Lake.

Support integration and accessibility across environments (NonProd/Prod) under Control Tower setup.

Adhere to MSP incident management processes (refer to pages 11 & 12).

Operate using AWS Management Console and CLI.

Implement security controls to ensure compliance.

Configure and maintain IAM user access to AWS accounts.

Configure, maintain, and support Security Hub for AWS best practices and CIS compliance.

Generate SOC1 & SOC2 reports using AWS Artifact.

Support disaster recovery services across multiple AWS regions, including indexing and replication.

Configure/support Directory Service for SSO management and AD authentication.

Set up and provision user access for Amazon Connect applications.

Set up, monitor, and maintain Salesforce PrivateLink/NLB.

Deploy RapidMiner and Mulesoft applications on EC2.

Manage AWS certificates by tracking expiry and coordinating with HAEA team for extensions.

Follow SOPs for running Glue jobs, Lambda functions, and other maintenance activities, including post-validation testing.

Require a strong AWS architect with a minimum of 10 years of experience.