Job Description

Job Title: AWS Cloud Network Architect
Position: Contract
Location: London, UK
Job Summary:
Key Responsibilities :
Architecture & Design

• Design and implement VPC architectures, multi VPC topologies, and network segmentation strategies.
• Architect hybrid connectivity solutions using Direct Connect, Site to Site VPN, SD WAN, and BGP routing.
• Develop and maintain multi account network patterns aligned with AWS Control Tower and Landing Zone frameworks.
• Build secure ingress/egress architectures using NAT gateways, firewalls, and inspection VPCs.
• Design high availability, multi AZ, and multi region network architectures.
• Produce a detailed Low-Level Design (LLD) document including network designs.
• Design AWS networking components (VPCs, subnets, TGW attachments, etc.).
• Define secure network connectivity patterns for all integrations. [This is our current understanding of the required integrations but it's subject to change as part of the Design phase.]

• CNI Geo SCADA Solace EKS (AWS side of the connection)
• Technolog GasCore Solace EKS
• Solace EKS AVEVA PI
• CNI Geo SCADA AVEVA PI (for data historian purposes TBC in Design, again AWS side of the connection)
• Technolog GasCore AVEVA PI (for data historian purposes TBC in Design)
• Solace EKS SAP BTP / Advanced Event Mesh
• Solace EKS SAP Datasphere
• Solace EKS Databricks
• Solace EKS Enterprise Globalscape
• Solace EKS SAP PO
• Solace EKS Solace SaaS cloud for Images and Mission Control
• AVEVA PI S3 Databricks
• Design the AWS infrastructure for the Solace EKS cluster.
• Design the AWS infrastructure for the AVEVA PI multi-tier environment (web, app and data).
• Provide design oversight and governance for the build.

Security & Compliance

• Implement and manage network security controls (Security Groups, NACLs, AWS WAF, Network Firewall).
• Ensure compliance with enterprise security frameworks (CIS, ISO, SOC, PCI).
• Integrate network monitoring and threat detection services (VPC Flow Logs, CloudWatch, GuardDuty, Security Hub).
• Define and enforce network governance, segmentation, and least privilege access models.

Connectivity & Routing

• Architect routing domains using Transit Gateway, route tables, and advanced routing strategies.
• Integrate AWS networking with On-premises data centers and third-party SaaS providers.
• Implement Private Link, VPC endpoints, and service to service connectivity patterns.

Automation & Infrastructure as Code

• Build and manage network infrastructure using Terraform, CloudFormation, or CDK.
• Automate provisioning, configuration, and compliance checks for network components.
• Develop CI/CD pipelines for network deployments and drift detection.

Operations & Troubleshooting

• Lead troubleshooting and root cause analysis for complex AWS and hybrid network issues.
• Optimize network performance, reliability, and cost efficiency.
• Provide escalation support for critical network incidents and outages.

Collaboration & Leadership

• Conduct workshops to define the AWS account and VPC strategy to integrate SPOG infrastructure i.e., Solace EKS and AVEVA PI into the existing Enterprise AWS Cloud.
• Define the strategy for environment separation i.e., non-production vs production for the new platforms.
• Partner with engineering, security, and platform teams to deliver cloud native solutions.
• Participate in architecture reviews, design sessions, and cloud governance boards.
• Mentor engineers on AWS networking best practices and cloud architecture principles.

Skills Required