About this role
<div><div style="padding:10.0px 0.0px;border:1.0px solid transparent"><div style="font-size:16.0px;word-wrap:break-word"><H2 style="font-size:1.0em;margin:0.0px"><b>Role Overview</b></H2> </div><div><p>This role exists to define, lead, and evolve StarHub’s AWS cloud architecture to meet the organization’s scalability, security, and reliability needs. The Principal Cloud Architect will establish best-practice cloud standards, drive enterprise adoption of cloud-native platforms, and ensure solutions are built in alignment with business strategy. This position provides deep technical leadership to modernize infrastructure and accelerate digital transformation initiatives.</p> <p> </p> <p>The architect should have strong experience in AWS cloud operations, DevOps automation, and is responsible for running and supporting production AWS environments. The role requires hands-on expertise in Amazon EKS, Infrastructure as Code (IaC) using Terraform and AWS CloudFormation, and familiarity with AWS Landing Zone governance, Security Hub, and Trusted Advisor.</p> <p> </p> <p>The ideal candidate demonstrates a strong inclination toward automation, continuously identifying opportunities to eliminate manual processes and improve operational efficiency, and possesses strong AWS networking, Linux, and troubleshooting skills.</p></div></div><div style="padding:10.0px 0.0px;border:1.0px solid transparent"><div style="font-size:16.0px;word-wrap:break-word"><H2 style="font-size:1.0em;margin:0.0px"><b>Key Responsibilities</b></H2> </div><div><p>Cloud Architecture & Design<br>• Architect scalable, secure, and resilient multi-account AWS environments using well-architected principles.<br>• Provide hands-on leadership in designing cloud-native solutions for applications, networks, and data workloads.<br>• Oversee CI/CD pipelines, IaC frameworks (Terraform, CloudFormation), and automation standards.<br>• Partner with cybersecurity to enforce cloud security frameworks, IAM standards, and compliance controls.<br>• Conduct architecture reviews, provide technical guidance, and resolve complex engineering challenges.<br>• Collaborate with Finance on cloud cost governance, budgeting, and FinOps practices.<br>• Mentor cloud engineers and guide cross-functional teams on AWS patterns and best practices.</p> <p> </p> <p>DevOps & Platform Engineering<br>• Design, build, and maintain CI/CD pipelines for application and infrastructure deployments.<br>• Implement DevOps best practices including automation, version control, and continuous delivery.<br>• Containerize applications using Docker and manage images in Amazon ECR.<br>• Enable development teams with stable, repeatable, and secure deployment pipelines.</p> <p> </p> <p>Kubernetes & EKS Operations<br>• Operate and manage Amazon EKS clusters.<br>• Deploy and manage workloads using Helm and/or GitOps tools.<br>• Manage Kubernetes networking, ingress, secrets, RBAC, and scaling.<br>• Perform EKS upgrades, patching, performance tuning, and troubleshooting.</p> <p> </p> <p>AWS Networking & Connectivity (Advanced)<br>• Design, implement, and operate AWS VPC networking, including subnets, route tables, NAT gateways, and security groups.<br>• Configure and manage hybrid connectivity using AWS Direct Connect and VPN.<br>• Implement and troubleshoot network routing, including BGP, route propagation, and traffic flow between on-premises and AWS.<br>• Diagnose and resolve complex network connectivity and performance issues across cloud and hybrid environments.</p> <p> </p> <p>Cloud Operations, Linux & Reliability<br>• Own day-to-day cloud operations across AWS accounts and environments.<br>• Administer and troubleshoot Linux-based systems (Amazon Linux, RHEL).<br>• Perform OS-level troubleshooting (CPU, memory, disk, networking, processes).<br>• Implement and maintain monitoring, logging, and alerting using CloudWatch and related tools.<br>• Participate in on-call rotations, incident response, and root-cause analysis.</p> <p> </p> <p>Databases & RDS Operations<br>• Operate and support Amazon RDS (MySQL, PostgreSQL, or Aurora).<br>• Perform database-related operational tasks such as backups, restores, patching, and minor version upgrades.<br>• Monitor database performance, availability, and capacity.<br>• Apply security best practices for RDS, including encryption, access control, and network isolation.</p> <p> </p> <p>Infrastructure as Code & Automation<br>• Provision and manage AWS infrastructure using Terraform and AWS CloudFormation.<br>• Develop reusable Terraform modules and CloudFormation templates/stacks.<br>• Standardize and automate infrastructure deployments across environments.<br>• Integrate IaC workflows into CI/CD pipelines.<br>• Ensure infrastructure changes are version-controlled, auditable, and secure.</p> <p> </p> <p>AWS Governance, Security & Cost Operations<br>• Operate within an AWS Landing Zone / multi-account environment.<br>• Support governance controls such as IAM guardrails, network segmentation, and account baselining.<br>• Monitor, assess, and remediate findings from AWS Security Hub.<br>• Use AWS Trusted Advisor to identify security, reliability, performance, and cost optimization opportunities.<br>• Apply cost tagging and support basic cost visibility and optimization initiatives.</p></div></div><div style="padding:10.0px 0.0px;border:1.0px solid transparent"><div style="font-size:16.0px;word-wrap:break-word"><H2 style="font-size:1.0em;margin:0.0px"><b>Required Skills and Experience</b></H2> </div><div><p><strong>Must-Have</strong><br>• Strong hands-on experience with AWS.<br>• Experience contributing to cloud architecture design.<br>• Advanced knowledge of AWS networking, including VPC design, routing, Direct Connect, and hybrid connectivity.<br>• Practical experience with Infrastructure as Code using Terraform and CloudFormation.<br>• Strong experience operating Amazon EKS / Kubernetes.<br>• Solid Linux system administration and troubleshooting skills.<br>• Hands-on experience supporting Amazon RDS.<br>• Solid DevOps experience with CI/CD pipelines.<br>• Familiarity with AWS Landing Zone, Security Hub, and Trusted Advisor.<br>• Proven ability to troubleshoot complex cloud, OS, database, and network issues.<br>• Experience supporting production workloads and on-call operations.</p></div></div><div style="padding:10.0px 0.0px;border:1.0px solid transparent"><div style="font-size:16.0px;word-wrap:break-word"><H2 style="font-size:1.0em;margin:0.0px"><b>Nice-to-Have</b></H2> </div><div><p>• Experience leading or owning architecture decisions.<br>• Familiarity with AWS Well-Architected Reviews.<br>• Experience with Aurora and database performance tuning.<br>• Experience with AWS Control Tower, SCPs, and guardrails.<br>• Knowledge of GitOps tools (ArgoCD, Flux).<br>• Familiarity with Prometheus, Grafana, AWS OpenSearch.<br>• Scripting skills (Bash, Python).<br>• Exposure to cost governance or FinOps practices.</p></div></div><div style="padding:10.0px 0.0px;border:1.0px solid transparent"><div style="font-size:16.0px;word-wrap:break-word"><H2 style="font-size:1.0em;margin:0.0px"><b>Soft Skills</b></H2> </div><div><p>• Strong operational mindset with focus on reliability and automation.<br>• Calm and effective during incidents and outages.<br>• Clear communicator when explaining technical issues.<br>• Proactive learner with continuous improvement mindset.</p></div></div><div style="padding:10.0px 0.0px;border:1.0px solid transparent"><div style="font-size:16.0px;word-wrap:break-word"><H2 style="font-size:1.0em;margin:0.0px"><b>Experience and Qualifications</b></H2> </div><div><p>• 10–15 years in IT infrastructure (Cloud, DevOps, Platform and Cloud engineering), with at least 5 years specializing in AWS architecture at enterprise scale. Experience in telco, large enterprises, or highly regulated industries is desirable.<br>• Hands-on experience operating enterprise-scale and hybrid AWS environments.<br>• AWS Solutions Architect Professional, strong IaC experience, deep knowledge of cloud networking, security, and automation frameworks.<br>• AWS, Kubernetes, or Linux certifications are a plus.</p></div></div><div style="padding:10.0px 0.0px;border:1.0px solid transparent"><div style="font-size:16.0px;word-wrap:break-word"><H2 style="font-size:1.0em;margin:0.0px"><b>Ideal Candidate Profile</b></H2> </div><div><p>• DevOps and Cloud Operations–first mindset with architecture capability.<br>• Comfortable owning production platforms end-to-end, including networking, OS, and databases.<br>• Passionate about automation, reliability, and operational excellence.</p></div></div><div style="padding:10.0px 0.0px;border:1.0px solid transparent"><div style="font-size:16.0px;word-wrap:break-word"><H2 style="font-size:1.0em;margin:0.0px"><b>Qualifications</b></H2> </div><div><p>Not Available</p></div></div></div>