Cloud Operations Specialist

Job Description

Position Summary

The Cloud Operations Specialist is responsible for ensuring the stability, security, governance, and high availability of Assent’s AWS cloud environment and SaaS production systems. This role requires deep hands-on experience with enterprise-scale AWS multi-account environments, particularly in AWS Organizations, AWS Control Tower, and AWS IAM Identity Center (SSO).

Working within the SaaS Product Infrastructure group, the Cloud Operations Specialist collaborates closely with Engineering, Product, Corporate Security, and IT teams to maintain a secure and reliable cloud platform. The ideal candidate brings strong operational discipline, long-term ownership experience, and the ability to work independently in a fast-paced, globally distributed environment. This role requires strong proficiency operating AWS governance and identity systems entirely through Infrastructure as Code (IaC), with all changes implemented through Terraform and delivered via GitHub Actions pipelines.

Key Requirements & Responsibilities 

AWS Platform Governance & Identity

• Administer and enhance Assent’s AWS multi-account environment using AWS Organizations and AWS Control Tower.

• Manage AWS Platform Governance & Identity exclusively through Infrastructure as Code (Terraform), ensuring all changes are codified, peer-reviewed, and deployed via GitHub Actions workflows, with minimal AWS console usage.

• Manage the lifecycle of AWS accounts, including provisioning, guardrail enforcement, compliance assessments, and drift remediation.

• Own configuration and governance of AWS IAM Identity Center, including permission sets, assignment models, and cross-account access patterns.

• Implement and maintain Service Control Policies (SCPs), organizational guardrails, and governance frameworks.

• Collaborate with Corporate Security on access governance, audit readiness, and implementation of cloud security best practices.

• Ensure consistent application of enterprise standards across all accounts to support scalability and operational excellence.

• Serve as a subject-matter expert for AWS organizational design, identity architecture, and governance automation.

• Infrastructure as Code, Automation & CI/CD

• Provision, manage, and govern all AWS platform resources—including Organizations, Control Tower, Identity Center, SCPs, and account lifecycle—using Terraform, following a strict code-first operating model with limited console access.

• Experience working with multi-account Terraform architectures, including reusable modules, organizational workspaces, and remote state patterns

• Operate GitHub Actions as the primary CI/CD mechanism for all governance and provisioning pipelines, ensuring consistent, validated, and compliant deployments.

• Use Lambda and automation tooling to streamline cloud governance, account lifecycle, and configuration consistency.

• Collaborate with engineering teams to enforce Infrastructure as Code standards and improve deployment consistency.

• AWS Services & Cloud Infrastructure Operations

• Support and operationalize core AWS services including:

  • Compute & containers: EC2, ECS (Fargate)

  • Databases & messaging: RDS (PostgreSQL, SQL Server), AmazonMQ

  • Networking & CDN: Route53, API Gateway, CloudFront

  • Messaging & notifications: SQS, SNS, SES

• Install, configure, secure, and troubleshoot Linux and Windows servers in cloud environments.

• Participate in infrastructure lifecycle management including patching, updates, backups, and resilience testing.

• Monitoring, Observability & Incident Response

• Proactively monitor systems and applications using observability platforms (e.g., CloudWatch, ElasticSearch/OpenSearch, New Relic, Datadog).

• May participate in an on-call rotation for production infrastructure, ensuring timely incident response and resolution.

• Implement best practices for logging, alerting, automated remediation, and operational health dashboards.

• Conduct root-cause analysis and propose long-term improvements to prevent recurrence.

• Security, Compliance & Governance Support

• Enforce cloud security policies and identity governance best practices across all AWS accounts.

• Support internal and external security audits of cloud platforms.

• Partner with Corporate Security to align cloud controls with regulatory and compliance standards.

• Maintain encryption, auditing, and configuration standards (KMS, CloudTrail, AWS Config, etc.).

• Collaboration, Documentation & Continuous Improvement

• Work closely with cross-functional teams to support platform stability and cloud adoption.

• Help lead Infrastructure and joint Infrastructure-Engineering projects.

• Create and maintain documentation for cloud architecture, governance controls, operational procedures, and automation workflows.

• Contribute to business continuity, resilience engineering, and disaster recovery planning.

Qualifications

Minimum Requirements

Enterprise AWS Governance Experience (Must-Have)

• 5+ years of hands-on experience managing AWS multi-account environments with AWS Organizations, AWS Control Tower, and AWS IAM Identity Center (SSO).

• Demonstrated experience managing AWS Organizations, Control Tower, and Identity Center entirely through Terraform, including version-controlled permission sets, account provisioning workflows, and SCPs.

• Commitment to a “no unmanaged changes” approach—must be comfortable operating in an environment where AWS console access is restricted and infrastructure is exclusively managed as code.

• Demonstrated long-term ownership of organizational governance, account lifecycle management, SCPs, and permission set models.

• Experience implementing enterprise identity governance, access controls, and compliance frameworks at scale.

• Core Technical Requirements

• AWS Solutions Architect – Associate (or higher) certification preferred.

• Strong experience with Terraform (Infrastructure as Code) and managing state in S3 for multi-account deployments.

• Hands-on experience creating and maintaining GitHub Actions pipelines for infrastructure deployment and automation.

• Experience with containerized workloads using ECS/Fargate.

• Proficiency with Linux and Windows server administration in cloud environments.

• Experience operating search/logging platforms such as ElasticSearch/OpenSearch.

• Experience with configuration management and automation via Ansible, Semaphore, or similar tools.

• Preferred Qualifications

• Experience with New Relic, Datadog, PagerDuty, or similar modern observability platforms.

• Experience with SolarWinds DPA or similar database performance tools.

• Familiarity with Auth0 or other identity providers.

• Experience working within enterprise SaaS, regulated industries, or high-security cloud environments.

• Strong scripting proficiency (Python, PowerShell, or Bash).

• Experience with proactive monitoring, observability tooling, and operational automation.

• Professional Skills

• Demonstrated ability to work independently and manage complex operational responsibilities with minimal supervision.

• Strong analytical, troubleshooting, and decision-making skills under pressure.

• Excellent written and verbal communication skills for collaborating with technical and non-technical stakeholders.

• Detail-oriented, highly organized, and committed to continuous learning and improvement.

• Ability and willingness to support off-hours work as required, including on-call participation.

Additional Information

Life at Assent

Wellness: We believe that you and your family’s well being is important. As a result, we offer vacation time that increases with tenure, comprehensive benefits packages (details vary by country), life leave days and more.

Financial Benefits: It’s not all about the money – well, it’s a little about the money. We understand that financial health is important and we offer a competitive base salary, a corporate bonus program, retirement savings options and more.

Life at Assent: There is purpose beyond your work. We provide our team members with flexible work options, volunteer days and opportunities to get involved in corporate giving initiatives.

Lifelong Learning: At Assent, curiosity is not only valued but encouraged. You will receive professional development days that are available to you the day you start.

At Assent, we are committed to growing and sustaining an environment where our team members feel included, valued, and heard. Our diversity and equal opportunity practices are guided and championed by our Diversity and Inclusion Working Group and our Employee Resource Groups (ERGs).

Our commitment to diversity, equity and inclusion includes recruiting and retaining team members from diverse backgrounds and experiences, and fostering a culture of belonging where all team members are included, treated with dignity and respect, promoted on their merits, and placed in positions to contribute to business success.

If you require assistance or accommodation throughout any part of the interview and selection process, please contact [email protected] and we will be happy to help.  

We use AI to support parts of our recruitment process, such as note-taking and initial shortlisting based on job-related qualifications. AI does not make hiring decisions. All candidates will speak with a real person, and final decisions are always made by our recruitment team.