DevOps Engineer AWS (68 Years Experience)

Role Overview

Key Responsibilities

1. AWS Infrastructure Engineering

• VPC Subnets NAT Security Groups NACLs
• EC2 ECS/Fargate EKS
• Lambda serverless workloads
• RDS (MySQL/PostgreSQL) DynamoDB ElastiCache (Redis)
• S3 (with versioning replication lifecycle rules)
• API Gateway Application Load Balancer NLB
• AWS WAF CloudFront
• Secrets Manager & KMS
• CloudWatch CloudTrail Config

2. CI/CD & Automation

• Build scalable CI/CD pipelines using:
• AWS CodePipeline CodeBuild CodeDeploy
• OR GitHub Actions / Bitbucket Pipelines
• Automate deployments for:
• .NET Core APIs
• / Express services
• React/ frontends
• Container workloads
• Implement:
• Blue/Green & Canary deployments
• Automated rollback strategies
• Secretless pipeline execution (AWS IAM roles)

3. Infrastructure as Code (IaC)

• Author modularize and maintain IaC using:
• Terraform (preferred)
• or AWS CloudFormation
• Manage remote state workspaces environment-specific variables.
• Ensure resources follow Well-Architected Framework cost tagging and naming standards.

4. Security Compliance & Best Practices

Key Responsibilities

• Enforce IAM best practices:
• No long-lived credentials
• Role-based access ONLY
• Cross-account IAM roles where required
• Harden VPC SGs NACLs encryption policies.
• Enforce private access patterns:
• VPC Endpoints for S3 DynamoDB Secrets Manager
• No public internet exposure unless required
• Set up AWS WAF & Shield protections.
• Enable CloudTrail GuardDuty Security Hub.
• Implement KMS encryption across services.
• Apply CIS benchmarks for EC2 EKS IAM RDS.
• Automate vulnerability scanning with Amazon Inspector or third-party tools.

5. Observability Logging & Reliability

• Set up CloudWatch metrics logs alarms dashboards.
• Implement structured logging (JSON-based) for microservices.
• Configure distributed tracing (X-Ray).
• Define SLIs/SLOs and error budget monitoring.
• Implement auto-scaling for ECS/EKS/EC2 based on usage patterns.

6. Containers & Microservices

• Architect and maintain workloads on:
• ECS (Fargate/EC2)
• EKS (Kubernetes)
• Optimize Docker images (multi-stage builds caching).
• Implement service mesh (App Mesh Istio on EKS) preferred but optional.
• Utilize AWS App Mesh Parameter Store or Secret Manager for secure config injection.

7. Collaboration & Delivery

• Work closely with architects developers and project managers.
• Participate in design reviews and ensure infra aligns with AWS best practices.
• Support production releases DR drills capacity planning and RCAs.
• Mentor junior DevOps engineers in the Kochi team.

Required Skills & Experience

Core Skills

• 68 years hands-on AWS DevOps experience
• Strong expertise in:
• Terraform (mandatory)
• EC2 ECS EKS Lambda
• API Gateway ALB/NLB
• VPC Route 53 IAM WAF
• RDS DynamoDB ElastiCache
• GitHub Actions or AWS CodePipeline
• ECR Docker container deployment patterns

Security Skills

• Deep understanding of:
• IAM role-based access
• Encryption at rest/in transit
• PrivateLink & VPC Endpoints
• WAF GuardDuty Security Hub
• KMS Secrets Manager
• AWS Organizations & SCPs (nice to have)

Soft Skills

• Strong problem-solving & debugging skills
• Excellent communication with global teams
• Ability to manage simultaneous projects
• Strong documentation and ownership mindset

Nice-to-Have Skills

• Experience with:
• EKS service mesh
• GitOps (ArgoCD/Flux)
• AWS Step Functions
• EventBridge patterns
• AWS SQS/SNS/Kinesis
• Serverless Framework
• FinOps & cost optimization strategies
• AI integrations (Bedrock Sagemaker)
• Certifications:
• AWS Solutions Architect Associate/Professional
• AWS DevOps Engineer Professional