Cloud Lead (AWS DevSecOps)
Cognizant · New York, NY · 2 wk ago
HybridManagement$114k–$128k/yrFull-time
About the role
We are seeking a highly skilled Cloud Architect / Cloud Lead with deep expertise in AWS, DevOps, and DevSecOps practices. This role will be responsible for designing, implementing, and optimizing scalable cloud infrastructure, CI/CD pipelines, and secure deployment frameworks.
Responsibilities
- Design and implement robust GitLab CI/CD pipelines using multi-stage YAML for build, testing, security scanning, and multi-environment deployments.
- Configure and manage GitLab Runners (EC2/EKS-based autoscaling) with focus on scalability, performance, and security.
- Optimize pipeline performance through parallel execution, caching, artifact reuse, and conditional workflows.
- Implement automated release management including tagging, semantic versioning, rollback strategies, and audit traceability.
- Develop Infrastructure as Code (IaC) using Terraform and AWS CDK (TypeScript/Python) with modular and reusable design patterns.
- Automate provisioning of AWS services such as VPC, IAM, EC2, ECS/EKS, Lambda, RDS, and S3 using parameterized templates.
- Build and manage multi-account and multi-region AWS environments using CDK pipelines and GitLab integration.
- Implement scalable and resilient deployment strategies including blue/green, canary, and rolling deployments.
- Automate deployment of applications to container platforms (ECS/EKS), including image build pipelines and runtime configuration.
- Manage Kubernetes deployments using Helm charts and establish repeatable deployment standards.
- Implement container lifecycle management and registry governance using GitLab Registry and Amazon ECR.
- Integrate security controls within CI/CD pipelines including SAST, DAST, dependency scanning, container scanning, and secrets detection.
- Enforce least-privilege access by designing IAM roles, policies, and cross-account access controls.
- Implement secure configuration and secrets management using AWS Secrets Manager, SSM Parameter Store, and CI/CD variables.
- Enable compliance reporting aligned to PCI DSS, SOC 2, GDPR, and CIS benchmarks.
- Design and implement end-to-end observability frameworks using AWS CloudWatch (logs, metrics, alarms).
- Integrate third-party monitoring tools such as Datadog, Dynatrace, Splunk, or Grafana.
- Build centralized logging architecture with CloudWatch, CloudTrail, and S3 archival and retention policies.
- Develop custom CloudWatch dashboards with dynamic filtering and service correlation views.
- Configure advanced alerting mechanisms including composite alarms, anomaly detection, and threshold tuning.
- Enable cross-account observability using AWS Organizations and centralized monitoring accounts.
- Troubleshoot and resolve issues across CI/CD pipelines, infrastructure, networking, IAM, and runtime environments.
- Ensure high availability, scalability, and reliability of cloud environments through proactive monitoring and optimization.
Requirements
- Extensive experience with AWS Cloud services (10+ years preferred)
- Strong hands-on expertise in Terraform and AWS CDK
- Solid experience with container platforms (ECS/EKS, Kubernetes)
- Proficiency in DevSecOps tools and security integration
Preferred Skills
- Experience with multi-account AWS architecture and governance
- Exposure to financial services regulatory environments
- Strong scripting skills in Python or TypeScript
- Experience with observability platforms (Datadog, Splunk, Dynatrace, Grafana)
Benefits
- Cognizant Medical/Dental/Vision/Life Insurance
- Paid holidays plus Paid Time Off
- 401(k) plan and contributions
- Long-term/Short-term Disability
- Paid Parental Leave
- Employee Stock Purchase Plan