Principal Cloud Platform and Infrastructure Architect
$248,557–$325,425 per year
Hybrid · Santa Clara, California, United States
Job Summary
Principal Cloud Platform and Infrastructure Architect leads the Platform Engineering Team to define the multi-year technical vision for secure, resilient, and scalable infrastructure across AWS and on-premises, including foundational services, automation, and governance. The role is hands-on, writing production code (OpenTofu, Terragrunt, Packer, Ansible), building proof-of-concept implementations, debugging distributed system failures, and guiding architectural decisions through the Architecture Board. Responsibilities include designing highly available, fault-tolerant systems; implementing security controls and compliance with SOC 2, ISO 27001, NIST, and FedRAMP; managing identity, networking, and multi-region deployments; enforcing IaC standards; establishing incident response and observability; mentoring senior engineers; and representing the organization through external speaking engagements and open-source contributions. The position requires deep cloud infrastructure expertise, strong leadership, and the ability to align technical roadmaps with business outcomes, with travel up to 25% internationally and domestically. The role is onsite or hybrid in Santa Clara, CA, with a US-centric remote/hybrid work arrangement.
Required Qualifications
- 12–15 years of professional experience in Cloud Infrastructure, Platform Engineering, System Engineering, or SRE
- 8 years of experience building, scaling, or transforming Platform Engineering or SRE organizations
- 10 years of experience operating production environments with real customer workloads at scale
- 10 years of experience in highly available, secure, and scalable distributed systems design
- 10 years of experience with AWS Cloud Architecture and Services (multi-account, multi-region)
- 5 years of experience with AWS Organizations, Control Tower, and Service Control Policies
- 8 years of experience in cloud networking (VPC design, Transit Gateway, routing, segmentation, dual-stack IPv4/IPv6)
- 6 years of experience with Infrastructure-as-Code (OpenTofu, Terragrunt, Packer, Ansible)
- 6 years of experience with security controls and cloud security (WAF, DDoS mitigation, layered edge/app protection)
- 5 years of experience in backup, restore, and disaster recovery for mission-critical platforms
- Preferred: relevant certifications (AWS Solutions Architect Professional, GCP Professional Cloud Architect, CISSP, CCSP)
- Experience with multi-cloud infrastructure management, on-premises network architecture, and hybrid cloud connectivity
- Expertise in distributed systems, microservice architectures, Kubernetes, and enterprise-scale CD
- Deep expertise in Linux/Unix internals, file systems, network troubleshooting
- Experience designing and operating centralized identity platforms (SSO, IAM federation, OAuth/OIDC) in regulated environments
- Experience with AWS Fault Injection Simulator and resilience testing frameworks
- Experience leading platform or infrastructure teams through transformational change
- Track record of TCO optimization and capacity planning
- Bachelor's degree or higher implied by years of experience
- US export control and compliance considerations for role