Senior Engineer DevOps (AWS Cloud Architecture)

Job Title: Senior Engineer - DevOps (AWS Cloud Architecture)

Career Level: D / E

Introduction to role:

Are you ready to architect secure scalable AWS platforms that accelerate how life-changing medicines reach patients This role sits at the heart of our digital and data transformation building cloud foundations that power discovery development and delivery across the enterprise.

You will join a team of entrepreneurial engineers who take ownership experiment boldly and turn ideas into operational reality. Here youll shape the AWS ecosystem that enables rapid product delivery modern application patterns and trusted data at scale. How will you lead the next step in our journey to a truly data-led enterprise

Accountabilities:

• Cloud Architecture and Infrastructure: Architect and operate foundational AWS infrastructure including multi-account landing zones VPC networking identity and security guardrails to enable secure scalable platforms and rapid product delivery.

• Infrastructure as Code: Build and maintain reproducible environments using Terraform or CloudFormation/CDK; create reusable modules pipelines and policy guardrails to increase consistency and speed.

• CI/CD and Automation: Design and operate CI/CD pipelines (GitHub Actions GitLab CI Jenkins) with automated build test security scanning and deployment for microservices and data workloads to improve quality and throughput.

• Container Platforms: Operate and optimize EKS and/or ECS/Fargate covering cluster provisioning autoscaling ingress/service mesh and cost/performance tuning to deliver resilient services at scale.

• Observability and SRE: Implement monitoring logging and tracing (CloudWatch Prometheus/Grafana Open Telemetry); define SLOs/SLIs lead incident response and strengthen reliability to meet service commitments.

• Security and Compliance: Embed security-by-design with IAM least privilege KMS Secrets Manager network segmentation strategies dedicated private endpoints vulnerability monitoring and policy-as-code (OPA); support audits and compliance (ISO 27001 SOC 2 GxP as applicable).

• Networking: Design and manage VPC architectures (subnets NAT Transit Gateway routing NACLs security groups) hybrid connectivity (VPN/Direct Connect) and private service access to ensure secure performant connectivity.

• Migration and Modernization: Lead on-prem to AWS migration projects end-to-end from discovery and assessment through landing zone setup integration wave planning data migration cutover stabilization and modernization to cloud-native patterns.

• Data and Application Platforms: Provide teams with architectural approaches for APIs event streams serverless and managed data services. These include SNS/SQS/Kinesis Lambda RDS/Aurora DynamoDB OpenSearch MSK or equivalent experience. This support helps accelerate product delivery.

• Cost Management: Implement tagging budgets rightsizing and reserved/savings plans; provide cost visibility and optimization recommendations aimed at improving value.

• Governance and Multi-Account Strategy: Manage AWS Organizations/Control Tower SCPs environment isolation (dev/test/prod) and compliance baselines to maintain a secure and orderly cloud estate.

• Technical Leadership: Mentor engineers define standards author RFCs/design docs and drive adoption of platform capabilities and standard methodologies to uplift engineering effectiveness.

• Run and Operate: Own production readiness lead all aspects of updates and modifications manage on-call rotations and drive continuous improvement to increase platform reliability and delivery efficiency.

Essential Skills/Experience:

• Architecting and operating foundational AWS cloud infrastructure including multi-account landing zones VPC networking identity and security guardrails

• Infrastructure as Code proficiency with Terraform or CloudFormation/CDK including reusable modules pipelines and policy guardrails

• CI/CD pipeline design and operation using GitHub Actions GitLab CI or Jenkins with automated build test security scanning and deployment

• Operating and optimizing EKS and/or ECS/Fargate including cluster provisioning autoscaling ingress/service mesh and cost/performance tuning

• Observability and SRE practices with CloudWatch Prometheus/Grafana and OpenTelemetry; defining SLOs/SLIs and leading incident response

• Security-by-design across AWS: IAM least privilege KMS Secrets Manager network segmentation private endpoints vulnerability management and policy-as-code (OPA); audit and compliance support (ISO 27001 SOC 2 GxP)

• VPC architecture design and management: subnets NAT Transit Gateway routing NACLs security groups; hybrid connectivity via VPN or Direct Connect; private service access

• Leading on-prem to AWS migrations end-to-end and modernizing workloads to cloud-native patterns

• Designing patterns for APIs event streams (SNS SQS Kinesis) serverless (Lambda) and managed data services (RDS/Aurora DynamoDB OpenSearch MSK)

• Cost management: tagging budgets rightsizing reserved/savings plans; cost visibility and optimization recommendations

• Governance across multi-account environments: AWS Organizations Control Tower SCPs environment isolation and compliance baselines

• Technical leadership: mentoring standards definition RFCs/design documentation and platform capability adoption

• Operations excellence: production readiness change management on-call rotations and continuous improvement

Desirable Skills/Experience:

• Depth across both EKS and ECS/Fargate including service mesh integration (e.g. App Mesh or Istio) and advanced ingress strategies

• Hands-on experience implementing OpenTelemetry end-to-end and tuning Prometheus/Grafana at scale

• Proven delivery of GxP or similar regulated cloud environments and audit readiness

• Advanced governance experience with AWS Control Tower customization SCP strategy and multi-account blueprints

• Building shared Terraform or CDK modules and reference architectures consumed by multiple teams

• Leading complex migration wave planning cutovers and stabilization with minimal disruption

• Cost optimization at scale including workload rightsizing reserved/savings plan strategies and chargeback/showback models

When we put unexpected teams in the same room we ignite bold thinking with the power to inspire life-changing -person working gives us the platform we need to connect work at pace and challenge perceptions. Thats why we work on average a minimum of three days per week from the office. But that doesnt mean were not flexible. We balance the expectation of being in the office while respecting individual flexibility. Join us in our unique and ambitious world.

Why AstraZeneca:

Join a technology organization that pairs brand new engineering with a clear mission: enabling science to move faster and reach patients sooner. You will collaborate with diverse experts experiment in hackathons and harness modern cloud and data platforms to drive enterprise-scale impact. We back bold ideas with real investment value kindness alongside ambition and bring different perspectives together to spark new solutionsso your work not only advances our digital strategy it directly supports the discovery and delivery of medicines.

If youre ready to take ownership of a modern AWS platform and turn ambitious ideas into tangible outcomes for patients step forward and shape whats next!

Date Posted

Closing Date

AstraZeneca embraces diversity and equality of opportunity. We are committed to building an inclusive and diverse team representing all backgrounds with as wide a range of perspectives as possible and harnessing industry-leading skills. We believe that the more inclusive we are the better our work will be. We welcome and consider applications to join our team from all qualified candidates regardless of their characteristics. We comply with all applicable laws and regulations on non-discrimination in employment (and recruitment) as well as work authorization and employment eligibility verification requirements.