Senior AWS Platform Engineer (Control Tower / Org Build-Out) | 15+ Years | Raritan, NJ – Hybrid

Job Title: AWS Platform Engineer (Control Tower / AWS Org Build-Out)

Location: Raritan, NJ (Hybrid)
Duration: Long-Term Contract

Overview

We are seeking an experienced AWS Platform Engineer to design and build a greenfield AWS environment using AWS-native governance and provisioning tools. This role focuses on replacing an existing custom provisioning solution (xBot) with AWS Control Tower, AWS Organizations, CloudFormation, and Python-based automation.

The ideal candidate has hands-on experience building multi-account AWS platforms from scratch, implementing governance at scale, and translating custom automation into AWS-native solutions.

This is a hands-on engineering role requiring deep expertise in AWS governance, Control Tower, and cloud automation.

Key Responsibilities

• Design and build a new AWS Organization, including OU structure, account separation, and governance strategy

• Implement AWS Control Tower (Landing Zone, Account Factory, guardrails, baselines)

• Replace xBot-based provisioning workflows with AWS-native automation using Control Tower, CloudFormation, and Python

• Analyze and enhance existing Python automation scripts executed via Jenkins pipelines

• Develop new account provisioning and governance automation

• Configure and manage Service Control Policies (SCPs), IAM identity structures, AWS Config rules, and organization-wide standards

• Define and enforce VPC, networking, and security baselines

• Build and maintain Infrastructure as Code (IaC) using CloudFormation and/or Terraform

• Establish best practices for multi-account security, compliance, tagging, and operational visibility

• Collaborate with Cloud Architecture, Security, and DevOps teams to ensure governance alignment

Required Skills & Experience

AWS Governance & Control Tower (Critical)

• Hands-on experience implementing AWS Control Tower and Landing Zone

• Proven experience designing or restructuring AWS Organizations and multi-account environments

• Strong expertise in SCPs, guardrails, IAM governance, and AWS Config

• Experience with account vending and governance automation

Automation & Infrastructure as Code

• Strong Python skills for cloud automation (boto3, provisioning logic)

• Experience working with Jenkins pipelines executing Python/IaC workflows

• Proficiency in CloudFormation and/or Terraform

AWS Platform Engineering

• Deep understanding of AWS networking (VPCs, subnets, routing, endpoints, DNS)

• Experience implementing security, compliance, and standards at scale

• Ability to replace custom provisioning tools with AWS-native management solutions

Nice-to-Have

• Experience migrating automation from internal/custom tools to AWS-native governance

• Hands-on experience with GuardDuty, Security Hub, AWS SSO, Access Analyzer

• Exposure to enterprise environments with strict compliance requirements

Ideal Candidate Profile

• Has built AWS Organizations from scratch, not just maintained them

• Strong in AWS governance, Control Tower, CloudFormation, and Python automation

• Comfortable analyzing existing Jenkins pipelines and Python code

• Understands both technical implementation and cloud governance best practices

All your information will be kept confidential according to EEO guidelines.