Cloud Operations Specialist

Position Summary

The Cloud Operations Specialist is responsible for ensuring the stability security governance and high availability of Assents AWS cloud environment and SaaS production systems. This role requires deep hands-on experience with enterprise-scale AWS multi-account environments particularly in AWS Organizations AWS Control Tower and AWS IAM Identity Center (SSO).

Working within the SaaS Product Infrastructure group the Cloud Operations Specialist collaborates closely with Engineering Product Corporate Security and IT teams to maintain a secure and reliable cloud platform. The ideal candidate brings strong operational discipline long-term ownership experience and the ability to work independently in a fast-paced globally distributed environment. This role requires strong proficiency operating AWS governance and identity systems entirely through Infrastructure as Code (IaC) with all changes implemented through Terraform and delivered via GitHub Actions pipelines.

Key Requirements & Responsibilities 

AWS Platform Governance & Identity

• Administer and enhance Assents AWS multi-account environment using AWS Organizations and AWS Control Tower.

• Manage AWS Platform Governance & Identity exclusively through Infrastructure as Code (Terraform) ensuring all changes are codified peer-reviewed and deployed via GitHub Actions workflows with minimal AWS console usage.

• Manage the lifecycle of AWS accounts including provisioning guardrail enforcement compliance assessments and drift remediation.

• Own configuration and governance of AWS IAM Identity Center including permission sets assignment models and cross-account access patterns.

• Implement and maintain Service Control Policies (SCPs) organizational guardrails and governance frameworks.

• Collaborate with Corporate Security on access governance audit readiness and implementation of cloud security best practices.

• Ensure consistent application of enterprise standards across all accounts to support scalability and operational excellence.

• Serve as a subject-matter expert for AWS organizational design identity architecture and governance automation.

• Infrastructure as Code Automation & CI/CD

• Provision manage and govern all AWS platform resourcesincluding Organizations Control Tower Identity Center SCPs and account lifecycleusing Terraform following a strict code-first operating model with limited console access.

• Experience working with multi-account Terraform architectures including reusable modules organizational workspaces and remote state patterns

• Operate GitHub Actions as the primary CI/CD mechanism for all governance and provisioning pipelines ensuring consistent validated and compliant deployments.

• Use Lambda and automation tooling to streamline cloud governance account lifecycle and configuration consistency.

• Collaborate with engineering teams to enforce Infrastructure as Code standards and improve deployment consistency.

• AWS Services & Cloud Infrastructure Operations

• Support and operationalize core AWS services including:

  • Compute & containers: EC2 ECS (Fargate)

  • Databases & messaging: RDS (PostgreSQL SQL Server) AmazonMQ

  • Networking & CDN: Route53 API Gateway CloudFront

  • Messaging & notifications: SQS SNS SES

• Install configure secure and troubleshoot Linux and Windows servers in cloud environments.

• Participate in infrastructure lifecycle management including patching updates backups and resilience testing.

• Monitoring Observability & Incident Response

• Proactively monitor systems and applications using observability platforms (e.g. CloudWatch ElasticSearch/OpenSearch New Relic Datadog).

• May participate in an on-call rotation for production infrastructure ensuring timely incident response and resolution.

• Implement best practices for logging alerting automated remediation and operational health dashboards.

• Conduct root-cause analysis and propose long-term improvements to prevent recurrence.

• Security Compliance & Governance Support

• Enforce cloud security policies and identity governance best practices across all AWS accounts.

• Support internal and external security audits of cloud platforms.

• Partner with Corporate Security to align cloud controls with regulatory and compliance standards.

• Maintain encryption auditing and configuration standards (KMS CloudTrail AWS Config etc.).

• Collaboration Documentation & Continuous Improvement

• Work closely with cross-functional teams to support platform stability and cloud adoption.

• Help lead Infrastructure and joint Infrastructure-Engineering projects.

• Create and maintain documentation for cloud architecture governance controls operational procedures and automation workflows.

• Contribute to business continuity resilience engineering and disaster recovery planning.

Qualifications :

Minimum Requirements

Enterprise AWS Governance Experience (Must-Have)

• 5 years of hands-on experience managing AWS multi-account environments with AWS Organizations AWS Control Tower and AWS IAM Identity Center (SSO).

• Demonstrated experience managing AWS Organizations Control Tower and Identity Center entirely through Terraform including version-controlled permission sets account provisioning workflows and SCPs.

• Commitment to a no unmanaged changes approachmust be comfortable operating in an environment where AWS console access is restricted and infrastructure is exclusively managed as code.

• Demonstrated long-term ownership of organizational governance account lifecycle management SCPs and permission set models.

• Experience implementing enterprise identity governance access controls and compliance frameworks at scale.

• Core Technical Requirements

• AWS Solutions Architect Associate (or higher) certification preferred.

• Strong experience with Terraform (Infrastructure as Code) and managing state in S3 for multi-account deployments.

• Hands-on experience creating and maintaining GitHub Actions pipelines for infrastructure deployment and automation.

• Experience with containerized workloads using ECS/Fargate.

• Proficiency with Linux and Windows server administration in cloud environments.

• Experience operating search/logging platforms such as ElasticSearch/OpenSearch.

• Experience with configuration management and automation via Ansible Semaphore or similar tools.

• Preferred Qualifications

• Experience with New Relic Datadog PagerDuty or similar modern observability platforms.

• Experience with SolarWinds DPA or similar database performance tools.

• Familiarity with Auth0 or other identity providers.

• Experience working within enterprise SaaS regulated industries or high-security cloud environments.

• Strong scripting proficiency (Python PowerShell or Bash).

• Experience with proactive monitoring observability tooling and operational automation.

• Professional Skills

• Demonstrated ability to work independently and manage complex operational responsibilities with minimal supervision.

• Strong analytical troubleshooting and decision-making skills under pressure.

• Excellent written and verbal communication skills for collaborating with technical and non-technical stakeholders.

• Detail-oriented highly organized and committed to continuous learning and improvement.

• Ability and willingness to support off-hours work as required including on-call participation.

Additional Information :

Life at Assent

Wellness: We believe that you and your familys well being is important. As a result we offer vacation time that increases with tenure comprehensive benefits packages (details vary by country) life leave days and more.

Financial Benefits: Its not all about the money well its a little about the money. We understand that financial health is important and we offer a competitive base salary a corporate bonus program retirement savings options and more.

Life at Assent: There is purpose beyond your work. We provide our team members with flexible work options volunteer days and opportunities to get involved in corporate giving initiatives.

Lifelong Learning: At Assent curiosity is not only valued but encouraged. You will receive professional development days that are available to you the day you start.

At Assent we are committed to growing and sustaining an environment where our team members feel included valued and heard. Our diversity and equal opportunity practices are guided and championed by our Diversity and Inclusion Working Group and our Employee Resource Groups (ERGs).

Our commitment to diversity equity and inclusion includes recruiting and retaining team members from diverse backgrounds and experiences and fostering a culture of belonging where all team members are included treated with dignity and respect promoted on their merits and placed in positions to contribute to business success.

If you require assistance or accommodation throughout any part of the interview and selection process please contact and we will be happy to help.  

We use AI to support parts of our recruitment process such as note-taking and initial shortlisting based on job-related qualifications. AI does not make hiring decisions. All candidates will speak with a real person and final decisions are always made by our recruitment team.

Remote Work :

No

Employment Type :

Full-time