Cloud Engineer – Networking AWS (IGT1)

The Cloud Engineer Networking focuses on the design operation and troubleshooting of network services that underpin Rhapsodys AWShosted platforms (RaaS CaaS Envoy Identity/NGS). You will build and support secure resilient connectivity VPC/VPCe Transit Gateway Direct Connect sitetosite VPNs (including Sophos XG or similar) routing DNS and load balancing while partnering with CloudOps/SRE Security Product Support and customer teams across US/UK/APAC time zones. Success in this role requires strong networking fundamentals handson AWS networking crisp incident handling and a serviceoriented mindset.

Key Responsibilities

• Design configure and operate AWS networking: VPC/VPCe Subnets Route Tables NACLs Security Groups Transit Gateway PrivateLink NAT IGW Route 53 and hybrid connectivity patterns.
• Build and maintain sitetosite VPNs (IPsec) and Direct Connect (with BGP) including failover and HA designs; administer Sophos XG (or equivalent) virtual firewalls.
• Manage Layer4/7 traffic using ALB/NLB AWS WAF TLS termination and client/server certificate workflows (PKI).

• Lead deepdive troubleshooting for network connectivity (AWS customer DC/cloud) packet flow NAT routing asymmetry MTU/fragmentation TCP/TLS DNS and identityadjacent issues.
• Instrument and monitor network health (CloudWatch VPC Flow Logs Datadog firewall logs); respond to alerts drive rapid mitigation and provide clear RCA inputs.

• Execute network changes and environment builds using Terraform and AWS CLI following change controls and maintenance windows.
• Develop scripts (Bash/Python/PowerShell) for validation checks log parsing and configuration hygiene; reduce toil via automation and golden patterns.

• Enforce leastprivilege network access segmentation standards and encryption in transit; collaborate with Security on detections and guardrails.
• Maintain auditable documentation (diagrams SOPs/runbooks firewall rulesets cert inventories) and support patching/compliance activities.

• Work directly with customer IT/network teams to set up connectivity (VPN/DCX) perform cutovers and resolve issues; explain decisions and tradeoffs clearly.
• Partner with SRE/Engineering to improve observability resiliency and performance; assist Support with networkcentric cases.

• Participate in the global oncall rotation for P1/P2 incidents; own clean shift handoffs and accurate ticket hygiene.
• Contribute to postincident reviews knowledge base articles and continuous improvement initiatives.

Qualifications :

Required Qualifications

• 2-3 years in Cloud/Network Engineering Network Operations or SRE with strong networking focus.
• Handson AWS networking experience (VPC/TGW/Route 53/ALBNLB/PrivateLink/VPN/Direct Connect/BGP).
• Strong network fundamentals: TCP/IP routing (static/BGP) NAT ACLs firewalls DNS TLS/PKI IPsec; packet capture/flow analysis (e.g. tcpdump Wireshark).
• Proficiency with Bash Python Terraform and AWS CLI; Gitbased workflows and change control discipline.
• Linux administration fundamentals; comfort reading system/app logs.
• Experience in followthesun/247 environments with oncall participation.
• Excellent written and verbal communication for global and customerfacing work.

Preferred Qualifications

• Certifications (one or more): AWS Advanced Networking Specialty AWS Solutions Architect Associate/Professional CCNA/CCNP Network or Fortinet/Sophos equivalents.
• Experience with Sophos XG (or similar virtual firewall) IPsec/IKEv2 tuning and HA patterns.
• Exposure to observability/SIEM/EDR (Datadog Rapid7 SentinelOne) and security best practices.
• Familiarity with healthcare integration engines (Rhapsody/Corepoint) or other enterprise SaaS workloads.
• Scripting beyond basics (Python/Bash) and CI/CD familiarity.

Shift & OnCall Expectations

• Assigned shift coverage aligned with global operations; occasional shift adjustments for maintenance or projects.
• Participation in rotational oncall for P1/P2 events per local policy
• Precise handoffs and status updates at shift boundaries.

Education

• College degree in Computer Science Information Technology or a closely related field preferred
• Demonstrated relevant experience may be substituted for a degree
• AWS certification preferred (e.g. AWS Solutions Architect AWS Advanced Networking Specialty)

Additional Information :

We champion flexibility and hybrid work options to support varying lifestyles and personal needs. At the same time we value the power of in-person collaboration to build community spark innovation and strengthen connections. Our approach ensures you can work in ways that suit you best while still engaging with colleagues to share ideas and grow together. #LI-Hybrid #LI-DNP 

Remote Work :

No

Employment Type :

Full-time