Senior Cloud Engineer (AWS / Terraform / Security & Production Readiness)

Location: Toronto / Montreal (Hybrid – mandatory)

Experience: 7–10+ years

Employment Type: Full-time / Contract

Role Overview

We are looking for a Senior Cloud Engineer to lead production readiness, secure cloud deployment, and live cutover of a regulated, high-assurance platform.

This role is critical in ensuring that AWS production environments are secure, compliant, and operationally resilient, with a strong focus on infrastructure as code (Terraform), security controls, key management, and production deployment practices.

You will work at the intersection of cloud engineering, security, and platform operations, supporting a high-stakes production launch and vendor integrations.

Key Responsibilities

1. Production Environment Setup & Governance

• Establish and configure AWS production environments (ca-central-1) separated from non-production accounts
• Implement multi-account governance and federation models aligned with enterprise standards
• Apply infrastructure-as-code (Terraform) modules to enforce:
  • Service Control Policies (SCPs)
  • Data residency controls
  • MFA enforcement and root access restriction
  • Public access protections (e.g., S3 hardening)
• Configure monitoring, alerting, and centralized logging using CloudWatch and log aggregation solutions

2. Security & Key Management Infrastructure

• Implement and manage customer-managed KMS keys, including asymmetric key configurations
• Deploy and maintain secure key custody frameworks, including:
  • Application service keys (rotating)
  • Blockchain validator keys
  • Privacy/encryption keys for sensitive transaction layers
• Ensure secure handling of secrets via AWS Secrets Manager with automated rotation

3. CI/CD & Production Deployment

• Activate and manage production CI/CD pipelines with environment gating and approvals
• Deploy applications and infrastructure using controlled release mechanisms
• Lead production deployments of pre-validated components (from dev & staging) including:
  • Encryption and signing mechanisms
  • Security-sensitive platform components

4. Production Readiness & Runbook Validation

• Validate and refine production runbooks against real-world system behaviour
• Identify and address gaps between staging and production environments
• Ensure operational readiness, incident response alignment, and monitoring coverage

5. Vendor Integration & Cutover

Own the end-to-end integration and production cutover of critical third-party services:

• KYC systems (e.g., Persona)
  • Transition from mock → sandbox → production
• Compliance platforms (e.g., sanctions, PEP screening)
  • Ensure secure data flows and operational stability
• Custody / MPC platforms (multi-party computation)
  • Support secure key ceremonies and production rollout

6. Hypercare & Production Support

• Support live production cutover and stabilization phases
• Monitor platform health, performance, and security posture
• Rapidly respond to incidents during hypercare period

Required Skills & Experience

• 7+ years in cloud engineering / platform engineering roles
• Strong hands-on experience with AWS (multi-account environments)
• Deep expertise in Terraform (modular design, IaC best practices)
• Proven experience implementing:
  • Cloud security frameworks (IAM, SCPs, KMS, Secrets Manager)
  • Monitoring & observability (CloudWatch, logging pipelines)
• Experience with CI/CD pipelines and controlled production deployments
• Strong understanding of:
  • Production readiness and release management
  • Secure architecture and data protection controls
• Experience supporting high-risk production cutovers or regulated environments

Nice to Have

• Experience with blockchain or cryptographic key management systems
• Exposure to MPC (multi-party computation) or custody platforms
• Familiarity with compliance/KYC integrations
• AWS certifications (Solutions Architect / DevOps / Security)

What You Bring

• Ownership mindset with ability to lead production-critical initiatives
• Strong problem-solving skills in high-pressure environments
• Ability to work across engineering, security, and vendor teams
• Clear communication and documentation skills