
Cloud Architect

London Area, United Kingdom Contract Posted 3 days ago

We are seeking a highly skilled Principal AWS Cloud Architect to design, build, and operate a secure, scalable, and automated AWS multi-account platform. The role focuses on implementing AWS Control Tower–based Landing Zones, enforcing security guardrails using Service Control Policies (SCPs), building centralized identity and observability, and automating the entire cloud foundation using Infrastructure as Code (IaC).



JD/Skills required:

  1. Expertise in AWS Well-Architected Framework
  2. Design and implement enterprise-grade AWS Landing Zone (multi-account, multi-org) using AWS Control Tower
  3. Architect centralized IAM strategy (Identity Center / SSO, Cognito, AWS WAF + Shield, permission sets, role design).
  4. Architect and manage multi-account strategy (Shared Services, Security, Log Archive, Workloads, Sandbox, non-prod & prod etc.). Strong understanding of shared services models & hub-and-spoke networking
  5. Configure Account Factory and automate account provisioning workflows.
  6. Deep expertise in: AWS Organizations, AWS Control Tower, Landing Zone concepts, SCPs, IAM / Identity Centre.
  7. Strong experience with: VPC, Transit Gateway, Route53, CloudTrail, CloudWatch, Config, Security Hub & GuardDuty. Governance, Security & Guardrails
  8. Design and enforce Service Control Policies (SCPs) for preventive guardrails
  9. Implement detective guardrails using AWS Config and Security Hub
  10. Develop reusable Infrastructure-as-Code (Terraform).
  11. Build secure ingress/egress patterns
  12. Standardise DNS, routing, and traffic segmentation
  13. Design and automate cross-cloud and intra-cloud connectivity
  14. Implement Unified IAM model
  15. Build privileged access management (PAM)
  16. Define least-privilege access models and cross-account role patterns
  • Implement centralized security services: AWS Security Hub, GuardDuty & AWS Config.
  • Fine-grained IAM role design for workloads.
  • AWS WAF + Shield.
  • Secrets Manager / Parameter Store
  1. Design network security using AWS Organizations + centralized networking.
  2. Intermediate experience in designing AWS PaaS-based application platforms. Proven ability to build secure, scalable event-driven architectures with CI/CD automation via AWS CDK, GitHub Actions,
  3. Architect and lead complex, multi‑tier, on‑premise‑to‑AWS migration projects
  4. Define migration approaches, deployment methodologies, and cloud adoption roadmaps.
