Cloud Engineer - Automation (CPE)

Apply now »

Date: 11 Aug 2025

Location: SG

Company: Synapxe

Position Overview

We are seeking for a highly skilled and motivated Cloud Lead Engineer to join Healthcare Commercial Cloud (HCC) to design, implement, and continuously improve HCC solutions and services in a multi-tenant cloud environment. This role requires deep hands-on expertise in AWS native services, with a strong focus on multi-tenant account governance, oversight function, network security, identity and access management, and cost optimized cloud service delivery.
As a cloud lead engineer, you are expected to design and implement cloud solutions that align with business needs, regulatory requirements, and long-term scalability. You will also be responsible for enhancing existing services, introducing new cloud capabilities, ensuring robust security, visibility, and operational control within a multi-account AWS environment managed via Control Tower, AWS Organizations, Service Control Policies, Resource-Based Policies, and Security Hub. You are also expected to integrate AI/ML capabilities using AWS services to enhance analytics, automation and business intelligence use cases. 

Role & Responsibilities

•    Design, implement, and manage secure, scalable, and cost-efficient AWS cloud infrastructure using AWS native services.
•    Build new cloud services and enhance existing platforms based on evolving business and operational requirements.
•    Implement and enforce account governance using AWS control tower, SCPs, RCPs, AWS organizations, AWS config, firewall manager, and security hub.
•    Architect secure, scalable, and resilient network topologies using VPC, subnets, NAT, VPN, Transit Gateway, Direct Connect, and PrivateLink.
•    Manage hybrid connectivity between on-premises and cloud environments with a focus on performance, availability, and security. 
•    Familiar with AWS network firewall, VPC traffic mirroring, and other advanced networking services in AWS. 
•    Familiar with identity and access controls using IAM, SCPs, AWS SSO, and IAM Identity Center.
•    Monitor, investigate, and remediate security findings from AWS Security Hub, GuardDuty, Inspector, Config, Firewall Manager, Shield Advanced, and IAM Access Analyzer. 
•    Secure workloads by enforcing least privilege access and enabling encryption with AWS KMS and Secrets Manager.
•    Provide technical advisory on cloud application design, network, and security architecture or other cloud related technologies 
•    Establish centralized logging, detection, monitoring, and incident response capabilities across accounts and regions. 
•    Utilize observability tools such as CloudWatch, OpenSearch, QuickSight, Grafana, or similar solutions to monitor cloud resources effectively. 
•    Develop operational dashboards and reporting mechanisms to support infrastructure monitoring, performance analysis, and compliance requirements. 
•    Able to automate provisioning and configuration management using AWS CloudFormation, AWS CDK, or Terraform.
•    Able to monitor and troubleshoot cloud environments using CloudWatch, X-Ray, CloudTrail, and AWS Config.
•    Maintain comprehensive documentation covering infrastructure architecture, account structure, and governance policies.

Requirements

  • Bachelor’s degree in computer science, Information Technology, or a related field (or equivalent experience).
  • 6+ years of hands-on experience with AWS Native Services with a strong focus on multi-tenant account governance, oversight function, network security, identity and access management, and cost optimized cloud service delivery.
  • AWS Certified is preferred
  • Solid understanding of AWS Organizations, Landing Zone architecture, and cloud governance best practices.
  • Proficiency in scripting languages such as Python, Bash, or PowerShell is desirable. 
  • Expertise in AWS networking including VPCs, subnets, security groups, route tables, direct connect, and NAT Gateways.
  • Strong working knowledge of cloud security tools such as IAM, Security Hub, GuardDuty, Inspector, Shield Advanced, KMS, and secrets manager. 
  • Familiarity with centralized monitoring and logging solutions such as CloudWatch, OpenSearch, CloudTrail, Config, QuickSight, and Systems Manager. 
  • Experience with integrating or operating AI/ML services in AWS such as Bedrock, SageMaker, comprehend, Rekognition. 
  • Experience in developing operational dashboards and enable observability for cloud resources. 
  • Familiarity with security and compliance frameworks such as CIS AWS Foundation Benchmark or AWS Foundational Best Practices.
  • Experience in designing public-private network segmentation to support layered architectures, including presentation, business logic, micro-services, and data layers, serving both Internet and Intranet environments. 
  • Proven track record in leading cloud projects from design to implementation, balancing cost, security, and business requirements. 

Apply Now

NOTE: It only takes a few minutes to apply for a meaningful career in HealthTech - GO FOR IT!!

#LI-SYNX08 #LI-SYNX33