Senior Engineer - DevOps (AWS Cloud Architecture)

Job Title: Senior Engineer - DevOps (AWS Cloud Architecture)

Career Level: D / E

Introduction to role:

Are you ready to architect secure, scalable AWS platforms that accelerate how life-changing medicines reach patients? This role sits at the heart of our digital and data transformation, building cloud foundations that power discovery, development, and delivery across the enterprise.

You will join a team of entrepreneurial engineers who take ownership, experiment boldly, and turn ideas into operational reality. Here, you’ll shape the AWS ecosystem that enables rapid product delivery, modern application patterns, and trusted data at scale. How will you lead the next step in our journey to a truly data-led enterprise?

Accountabilities:

• Cloud Architecture and Infrastructure: Architect and operate foundational AWS infrastructure, including multi-account landing zones, VPC networking, identity, and security guardrails, to enable secure, scalable platforms and rapid product delivery.

• Infrastructure as Code: Build and maintain reproducible environments using Terraform or CloudFormation/CDK; create reusable modules, pipelines, and policy guardrails to increase consistency and speed.

• CI/CD and Automation: Design and operate CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins) with automated build, test, security scanning, and deployment for microservices and data workloads to improve quality and throughput.

• Container Platforms: Operate and optimize EKS and/or ECS/Fargate, covering cluster provisioning, autoscaling, ingress/service mesh, and cost/performance tuning to deliver resilient services at scale.

• Observability and SRE: Implement monitoring, logging, and tracing (CloudWatch, Prometheus/Grafana, Open Telemetry); define SLOs/SLIs, lead incident response, and strengthen reliability to meet service commitments.

• Security and Compliance: Embed security-by-design with IAM least privilege, KMS, Secrets Manager, network segmentation strategies, dedicated private endpoints, vulnerability monitoring, and policy-as-code (OPA); support audits and compliance (ISO 27001, SOC 2, GxP as applicable).

• Networking: Design and manage VPC architectures (subnets, NAT, Transit Gateway, routing, NACLs, security groups), hybrid connectivity (VPN/Direct Connect), and private service access to ensure secure, performant connectivity.

• Migration and Modernization: Lead on-prem to AWS migration projects end-to-end, from discovery and assessment through landing zone setup, integration, wave planning, data migration, cutover, stabilization, and modernization to cloud-native patterns.

• Data and Application Platforms: Provide teams with architectural approaches for APIs, event streams, serverless, and managed data services. These include SNS/SQS/Kinesis, Lambda, RDS/Aurora, DynamoDB, OpenSearch, MSK, or equivalent experience. This support helps accelerate product delivery.

• Cost Management: Implement tagging, budgets, rightsizing, and reserved/savings plans; provide cost visibility and optimization recommendations aimed at improving value.

• Governance and Multi-Account Strategy: Manage AWS Organizations/Control Tower, SCPs, environment isolation (dev/test/prod), and compliance baselines to maintain a secure and orderly cloud estate.

• Technical Leadership: Mentor engineers, define standards, author RFCs/design docs, and drive adoption of platform capabilities and standard methodologies to uplift engineering effectiveness.

• Run and Operate: Own production readiness, lead all aspects of updates and modifications, manage on-call rotations, and drive continuous improvement to increase platform reliability and delivery efficiency.

Essential Skills/Experience:

• Architecting and operating foundational AWS cloud infrastructure, including multi-account landing zones, VPC networking, identity, and security guardrails

• Infrastructure as Code proficiency with Terraform or CloudFormation/CDK, including reusable modules, pipelines, and policy guardrails

• CI/CD pipeline design and operation using GitHub Actions, GitLab CI, or Jenkins, with automated build, test, security scanning, and deployment

• Operating and optimizing EKS and/or ECS/Fargate, including cluster provisioning, autoscaling, ingress/service mesh, and cost/performance tuning

• Observability and SRE practices with CloudWatch, Prometheus/Grafana, and OpenTelemetry; defining SLOs/SLIs and leading incident response

• Security-by-design across AWS: IAM least privilege, KMS, Secrets Manager, network segmentation, private endpoints, vulnerability management, and policy-as-code (OPA); audit and compliance support (ISO 27001, SOC 2, GxP)

• VPC architecture design and management: subnets, NAT, Transit Gateway, routing, NACLs, security groups; hybrid connectivity via VPN or Direct Connect; private service access

• Leading on-prem to AWS migrations end-to-end and modernizing workloads to cloud-native patterns

• Designing patterns for APIs, event streams (SNS, SQS, Kinesis), serverless (Lambda), and managed data services (RDS/Aurora, DynamoDB, OpenSearch, MSK)

• Cost management: tagging, budgets, rightsizing, reserved/savings plans; cost visibility and optimization recommendations

• Governance across multi-account environments: AWS Organizations, Control Tower, SCPs, environment isolation, and compliance baselines

• Technical leadership: mentoring, standards definition, RFCs/design documentation, and platform capability adoption

• Operations excellence: production readiness, change management, on-call rotations, and continuous improvement

Desirable Skills/Experience:

• Depth across both EKS and ECS/Fargate, including service mesh integration (e.g., App Mesh or Istio) and advanced ingress strategies

• Hands-on experience implementing OpenTelemetry end-to-end and tuning Prometheus/Grafana at scale

• Proven delivery of GxP or similar regulated cloud environments and audit readiness

• Advanced governance experience with AWS Control Tower customization, SCP strategy, and multi-account blueprints

• Building shared Terraform or CDK modules and reference architectures consumed by multiple teams

• Leading complex migration wave planning, cutovers, and stabilization with minimal disruption

• Cost optimization at scale, including workload rightsizing, reserved/savings plan strategies, and chargeback/showback models

When we put unexpected teams in the same room, we ignite bold thinking with the power to inspire life-changing medicines. In-person working gives us the platform we need to connect, work at pace and challenge perceptions. That's why we work, on average, a minimum of three days per week from the office. But that doesn't mean we're not flexible. We balance the expectation of being in the office while respecting individual flexibility. Join us in our unique and ambitious world.

Why AstraZeneca:

Join a technology organization that pairs brand new engineering with a clear mission: enabling science to move faster and reach patients sooner. You will collaborate with diverse experts, experiment in hackathons, and harness modern cloud and data platforms to drive enterprise-scale impact. We back bold ideas with real investment, value kindness alongside ambition, and bring different perspectives together to spark new solutions—so your work not only advances our digital strategy, it directly supports the discovery and delivery of medicines.

If you’re ready to take ownership of a modern AWS platform and turn ambitious ideas into tangible outcomes for patients, step forward and shape what’s next!

Date Posted

23-Jan-2026

Closing Date

AstraZeneca embraces diversity and equality of opportunity.  We are committed to building an inclusive and diverse team representing all backgrounds, with as wide a range of perspectives as possible, and harnessing industry-leading skills.  We believe that the more inclusive we are, the better our work will be.  We welcome and consider applications to join our team from all qualified candidates, regardless of their characteristics.  We comply with all applicable laws and regulations on non-discrimination in employment (and recruitment), as well as work authorization and employment eligibility verification requirements.

AstraZeneca embraces diversity and equality of opportunity. We are committed to building an inclusive and diverse team representing all backgrounds, with as wide a range of perspectives as possible, and harnessing industry-leading skills. We believe that the more inclusive we are, the better our work will be. We welcome and consider applications to join our team from all qualified candidates, regardless of their characteristics. We comply with all applicable laws and regulations on non-discrimination in employment (and recruitment), as well as work authorisation and employment eligibility verification requirements.