Startup Jobs
Post a Job
Creative Chaos

Infrastructure Cloud Engineer

Remote

Job Summary:
Creative Chaos is seeking a hands-on Cloud Engineer to design, automate, secure, and operate cloud workloads across Azure and AWS. This role owns core platform components including infrastructure as code (Terraform), Kubernetes (AKS/EKS), secure networking, CI/CD enablement, observability, and FinOps. You will work closely with DevOps, software, and web engineering teams to deliver resilient, scalable, and compliant cloud platforms. The ideal candidate is strong in multi-cloud architecture, Kubernetes operations, identity and access management, security guardrails, automation, and platform reliability—bringing a pragmatic, automation-first mindset to cloud engineering.

Key Responsibilities:

Platform Engineering

  • Design and implement landing zones (hub-and-spoke, policy guardrails) across Azure and AWS.
  • Build and maintain Terraform modules, workspaces, remote state, and automated environment provisioning (dev → prod).
  • Operate and harden AKS/EKS clusters including node pools, autoscaling, ingress, image scanning/signing, and zero-downtime upgrades.
  • Implement and enhance CI/CD pipelines (GitHub Actions, Azure DevOps, Jenkins) for build, test, scan, deploy, and gated promotions.
  • Enable application platforms such as API Management/API Gateway, Azure Functions/AWS Lambda, and messaging services (Service Bus, SNS/SQS, EventBridge).
  • Own observability across Azure Monitor, Log Analytics, App Insights, CloudWatch, X-Ray, and OpenTelemetry, ensuring actionable alerts, runbooks, SLIs/SLOs, and on-call participation.
  • Drive FinOps practices including tagging standards, cost allocation, rightsizing, reserved instances/savings plans, egress optimization, and Well-Architected reviews.

Security, Governance & Operations

  • Onboard logs/telemetry and integrate data sources with the SIEM.
  • Implement and maintain security guardrails using Azure Policy, AWS Config, Defender for Cloud, Security Hub, GuardDuty, and WAF policies.
  • Enforce least-privilege access across Entra ID (PIM, managed identities) and AWS IAM/Identity Center, including workload identity federation for CI/CD.
  • Manage change control and audit processes through IaC-first workflows, along with runbooks and architectural decision records.
  • Maintain patch and version hygiene for Kubernetes, node OS/AMIs, container images, and managed services, including automated drift detection.
  • Lead incident investigations across Azure/AWS, perform RCA, and implement preventative controls (policies, guardrails, pipeline checks).
  • Provide architectural input on security, reliability, networking, and cost during design reviews.

Requirements

  • Bachelors in IT, CS or related field
  • Minimum 5 years of related experience
  • Hands-on production experience in both Azure and AWS.
  • Deep expertise in Terraform (modules, workspaces, state, policy as code).
  • Strong Kubernetes operational experience (AKS/EKS), including Helm, ingress controllers, ACR/ECR.
  • Solid networking fundamentals: VNet/VPC, routing, VPNs, Private Link/Endpoints, ExpressRoute/Direct Connect, load balancers, WAF, DNS.
  • Strong identity & access management skills: Entra ID and AWS IAM, SSO/OIDC, secrets management (Key Vault/KMS).
  • CI/CD implementation experience with GitHub Actions, Azure DevOps, or Jenkins; security gates and artefact repositories.
  • Observability/SRE experience across metrics, logs, tracing, alerting, incident response, and post-mortems.
  • Strong scripting abilities (PowerShell, Bash) and OS-level expertise across Linux/Windows.
  • Experience with DR patterns (IaC rebuilds), HA architectures, RTO/RPO planning.

Desirable Skills

  • M365 Conditional Access (global policies, break-glass, step-up).
  • AWS landing zone tooling (Control Tower, IAM Identity Center, account vending/guardrails).
  • Ability to read/maintain CloudFormation or Bicep where Terraform is primary.
  • Web hosting experience: CDN/WAF (Front Door/CloudFront), TLS/PKI, caching, performance tuning.
  • Data fundamentals: S3/Blob lifecycle, RDS/Aurora/SQL MI/Postgres, Redis/ElastiCache/Azure Cache.
  • Kubernetes and supply-chain security: admission controls, image signing, SBOM.

Certifications (Preferred)

  • Azure: AZ-104, AZ-305, AZ-500 (AZ-700/AZ-400 are a bonus).
  • AWS: Solutions Architect – Associate; SA-Pro or DevOps Pro preferred; Security or Advanced Networking is a plus.
  • Kubernetes/HashiCorp: CKA, Terraform Associate (CKS is a plus).
  • FinOps: FinOps Certified Practitioner (bonus).
Creative Chaos

Creative Chaos is an integrated technology innovation firm that specializes in building MVPs for startups and Fortune 500 companies. Our mission is to help startups and enterprises bring their ideas to life. We believe that innovation can only be delivered through ruthless commitment, grit, and resolve of a team. Our process is driven by a proven MVP Development Framework and powered by passionate people who are committed to delivery and excellence. We specialize in building web applications, mobile apps and IOT solutions. Key Facts: • Established in 2000 • Headquartered in San Francisco • Global Delivery Network with offices in Boston, Toronto and South East Asia• 300+ full-time associates globally • Specialize in product innovation and agile development • 400+ successful projects across multiple industry verticals • Focus on full life-cycle technology implementation and solutions • Diverse technology expertise

Website LinkedIn
View all jobs
Ace your job interview

Understand the required skills and qualifications, anticipate the questions you may be asked, and study well-prepared answers using our sample responses.

Cloud Engineer Q&A's
Report this job
Apply for this job