Apply for Job
Principal Cloud Architect
SG
Role Overview
This role exists to define, lead, and evolve StarHub’s AWS cloud architecture to meet the organization’s scalability, security, and reliability needs. The Principal Cloud Architect will establish best-practice cloud standards, drive enterprise adoption of cloud-native platforms, and ensure solutions are built in alignment with business strategy. This position provides deep technical leadership to modernize infrastructure and accelerate digital transformation initiatives.
The architect should have strong experience in AWS cloud operations, DevOps automation, and is responsible for running and supporting production AWS environments. The role requires hands-on expertise in Amazon EKS, Infrastructure as Code (IaC) using Terraform and AWS CloudFormation, and familiarity with AWS Landing Zone governance, Security Hub, and Trusted Advisor.
The ideal candidate demonstrates a strong inclination toward automation, continuously identifying opportunities to eliminate manual processes and improve operational efficiency, and possesses strong AWS networking, Linux, and troubleshooting skills.
Key Responsibilities
Cloud Architecture & Design
• Architect scalable, secure, and resilient multi-account AWS environments using well-architected principles.
• Provide hands-on leadership in designing cloud-native solutions for applications, networks, and data workloads.
• Oversee CI/CD pipelines, IaC frameworks (Terraform, CloudFormation), and automation standards.
• Partner with cybersecurity to enforce cloud security frameworks, IAM standards, and compliance controls.
• Conduct architecture reviews, provide technical guidance, and resolve complex engineering challenges.
• Collaborate with Finance on cloud cost governance, budgeting, and FinOps practices.
• Mentor cloud engineers and guide cross-functional teams on AWS patterns and best practices.
DevOps & Platform Engineering
• Design, build, and maintain CI/CD pipelines for application and infrastructure deployments.
• Implement DevOps best practices including automation, version control, and continuous delivery.
• Containerize applications using Docker and manage images in Amazon ECR.
• Enable development teams with stable, repeatable, and secure deployment pipelines.
Kubernetes & EKS Operations
• Operate and manage Amazon EKS clusters.
• Deploy and manage workloads using Helm and/or GitOps tools.
• Manage Kubernetes networking, ingress, secrets, RBAC, and scaling.
• Perform EKS upgrades, patching, performance tuning, and troubleshooting.
AWS Networking & Connectivity (Advanced)
• Design, implement, and operate AWS VPC networking, including subnets, route tables, NAT gateways, and security groups.
• Configure and manage hybrid connectivity using AWS Direct Connect and VPN.
• Implement and troubleshoot network routing, including BGP, route propagation, and traffic flow between on-premises and AWS.
• Diagnose and resolve complex network connectivity and performance issues across cloud and hybrid environments.
Cloud Operations, Linux & Reliability
• Own day-to-day cloud operations across AWS accounts and environments.
• Administer and troubleshoot Linux-based systems (Amazon Linux, RHEL).
• Perform OS-level troubleshooting (CPU, memory, disk, networking, processes).
• Implement and maintain monitoring, logging, and alerting using CloudWatch and related tools.
• Participate in on-call rotations, incident response, and root-cause analysis.
Databases & RDS Operations
• Operate and support Amazon RDS (MySQL, PostgreSQL, or Aurora).
• Perform database-related operational tasks such as backups, restores, patching, and minor version upgrades.
• Monitor database performance, availability, and capacity.
• Apply security best practices for RDS, including encryption, access control, and network isolation.
Infrastructure as Code & Automation
• Provision and manage AWS infrastructure using Terraform and AWS CloudFormation.
• Develop reusable Terraform modules and CloudFormation templates/stacks.
• Standardize and automate infrastructure deployments across environments.
• Integrate IaC workflows into CI/CD pipelines.
• Ensure infrastructure changes are version-controlled, auditable, and secure.
AWS Governance, Security & Cost Operations
• Operate within an AWS Landing Zone / multi-account environment.
• Support governance controls such as IAM guardrails, network segmentation, and account baselining.
• Monitor, assess, and remediate findings from AWS Security Hub.
• Use AWS Trusted Advisor to identify security, reliability, performance, and cost optimization opportunities.
• Apply cost tagging and support basic cost visibility and optimization initiatives.
Required Skills and Experience
Must-Have
• Strong hands-on experience with AWS.
• Experience contributing to cloud architecture design.
• Advanced knowledge of AWS networking, including VPC design, routing, Direct Connect, and hybrid connectivity.
• Practical experience with Infrastructure as Code using Terraform and CloudFormation.
• Strong experience operating Amazon EKS / Kubernetes.
• Solid Linux system administration and troubleshooting skills.
• Hands-on experience supporting Amazon RDS.
• Solid DevOps experience with CI/CD pipelines.
• Familiarity with AWS Landing Zone, Security Hub, and Trusted Advisor.
• Proven ability to troubleshoot complex cloud, OS, database, and network issues.
• Experience supporting production workloads and on-call operations.
Nice-to-Have
• Experience leading or owning architecture decisions.
• Familiarity with AWS Well-Architected Reviews.
• Experience with Aurora and database performance tuning.
• Experience with AWS Control Tower, SCPs, and guardrails.
• Knowledge of GitOps tools (ArgoCD, Flux).
• Familiarity with Prometheus, Grafana, AWS OpenSearch.
• Scripting skills (Bash, Python).
• Exposure to cost governance or FinOps practices.
Soft Skills
• Strong operational mindset with focus on reliability and automation.
• Calm and effective during incidents and outages.
• Clear communicator when explaining technical issues.
• Proactive learner with continuous improvement mindset.
Experience and Qualifications
• 10–15 years in IT infrastructure (Cloud, DevOps, Platform and Cloud engineering), with at least 5 years specializing in AWS architecture at enterprise scale. Experience in telco, large enterprises, or highly regulated industries is desirable.
• Hands-on experience operating enterprise-scale and hybrid AWS environments.
• AWS Solutions Architect Professional, strong IaC experience, deep knowledge of cloud networking, security, and automation frameworks.
• AWS, Kubernetes, or Linux certifications are a plus.
Ideal Candidate Profile
• DevOps and Cloud Operations–first mindset with architecture capability.
• Comfortable owning production platforms end-to-end, including networking, OS, and databases.
• Passionate about automation, reliability, and operational excellence.
Qualifications
Not Available