Cloud Lead (AWS DevSecOps)

Job Title: Cloud Lead (AWS DevSecOps)

Job Location: Hybrid- New York [New York, NY-550 W 34th St]

** Please note, this role is not able to offer visa transfer or sponsorship now or in the future**

We are seeking a highly skilled Cloud Architect / Cloud Lead with deep expertise in AWS, DevOps, and DevSecOps practices. This role will be responsible for designing, implementing, and optimizing scalable cloud infrastructure, CI/CD pipelines, and secure deployment frameworks. The ideal candidate will bring strong experience in GitLab, Terraform, AWS CDK, and container platforms, along with a solid understanding of security, compliance, and observability in enterprise environments.

Salary and Other Compensation:

The annual salary for this position is between $114,000 to $128,000 depending on experience and other qualifications of the successful candidate.

This position is also eligible for Cognizant’s discretionary annual incentive program, based on performance and subject to the terms of Cognizant’s applicable plans.

In this role, you will

CI/CD & DevOps Engineering

• Design and implement robust GitLab CI/CD pipelines using multi-stage YAML for build, testing, security scanning, and multi-environment deployments.

• Configure and manage GitLab Runners (EC2/EKS-based autoscaling) with focus on scalability, performance, and security.

• Optimize pipeline performance through parallel execution, caching, artifact reuse, and conditional workflows.

• Implement automated release management including tagging, semantic versioning, rollback strategies, and audit traceability.

Cloud Infrastructure & Automation

• Develop Infrastructure as Code (IaC) using Terraform and AWS CDK (TypeScript/Python) with modular and reusable design patterns.

• Automate provisioning of AWS services such as VPC, IAM, EC2, ECS/EKS, Lambda, RDS, and S3 using parameterized templates.

• Build and manage multi-account and multi-region AWS environments using CDK pipelines and GitLab integration.

• Implement scalable and resilient deployment strategies including blue/green, canary, and rolling deployments.

Containerization & Platform Engineering

• Automate deployment of applications to container platforms (ECS/EKS), including image build pipelines and runtime configuration.

• Manage Kubernetes deployments using Helm charts and establish repeatable deployment standards.

• Implement container lifecycle management and registry governance using GitLab Registry and Amazon ECR.

DevSecOps & Compliance

• Integrate security controls within CI/CD pipelines including SAST, DAST, dependency scanning, container scanning, and secrets detection.

• Enforce least-privilege access by designing IAM roles, policies, and cross-account access controls.

• Implement secure configuration and secrets management using AWS Secrets Manager, SSM Parameter Store, and CI/CD variables.

• Enable compliance reporting aligned to PCI DSS, SOC 2, GDPR, and CIS benchmarks.

Monitoring, Logging & Observability

• Design and implement end-to-end observability frameworks using AWS CloudWatch (logs, metrics, alarms).

• Integrate third-party monitoring tools such as Datadog, Dynatrace, Splunk, or Grafana.

• Build centralized logging architecture with CloudWatch, CloudTrail, and S3 archival and retention policies.

• Develop custom CloudWatch dashboards with dynamic filtering and service correlation views.

• Configure advanced alerting mechanisms including composite alarms, anomaly detection, and threshold tuning.

• Enable cross-account observability using AWS Organizations and centralized monitoring accounts.

Operational Excellence & Troubleshooting

• Troubleshoot and resolve issues across CI/CD pipelines, infrastructure, networking, IAM, and runtime environments.

• Perform drift detection and remediation in infrastructure and deployments.

• Ensure high availability, scalability, and reliability of cloud environments through proactive monitoring and optimization.

What you’ll need to succeed (required skills)

• Extensive experience with AWS Cloud services (10+ years preferred)

• Strong hands-on expertise in Terraform and AWS CDK

• Experience with GitLab CI/CD and pipeline automation

• Solid experience with container platforms (ECS/EKS, Kubernetes)

• Proficiency in DevSecOps tools and security integration

Preferred Skills

• Experience with multi-account AWS architecture and governance

• Exposure to financial services regulatory environments

• Strong scripting skills in Python or TypeScript

• Experience with observability platforms (Datadog, Splunk, Dynatrace, Grafana)

Benefits: Cognizant offers the following benefits for this position, subject to applicable eligibility requirements:

• Medical/Dental/Vision/Life Insurance
• Paid holidays plus Paid Time Off
• 401(k) plan and contributions
• Long-term/Short-term Disability
• Paid Parental Leave
• Employee Stock Purchase Plan

Work model:

At Cognizant, we strive to provide flexibility wherever possible, and we are here to support a healthy work-life balance though our various wellbeing programs. Based on this role’s business requirements, this is a hybrid role requiring 3 days a week at client site in New York, USA.

The working arrangements for this role are accurate as of the date of posting. This may change based on the project you’re engaged in, as well as business and client requirements. Rest assured; we will always be clear about role expectations.

We're excited to meet people who share our mission and can make an impact in a variety of ways. Don't hesitate to apply, even if you only meet the minimum requirements listed. Think about your transferable experiences and unique skills that make you stand out as someone who can bring new and exciting things to this role.

Disclaimer: The salary, other compensation, and benefits information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.

“Cognizant is an equal opportunity employer. Your application and candidacy will not be considered based on race, color, sex, religion, creed, sexual orientation, gender identity, national origin, disability, genetic information, pregnancy, veteran status or any other characteristic protected by federal, state or local laws.

关于高知特 (Cognizant)
高知特(Cognizant)（纳斯达克代码：CTSH）作为一家AI Builder和相关技术服务提供商，致力于通过打造全栈AI解决方案，帮助企业将人工智能投资转化为实际价值。公司凭借深厚的行业经验、流程优化和工程技术专长，将企业独特的业务场景融入科技系统，赋能组织释放人才潜能，推动切实成果，并帮助全球企业在瞬息万变的环境中保持领先。如需了解更多详情，敬请访问 cognizant.ai 或关注@cognizant。

补充雇佣信息
薪酬信息截至本职位发布之日为准。Cognizant 保留在适用法律允许的范围内随时修改该信息的权利。
申请人可能需要通过现场面试或视频会议的方式参加面试。此外，候选人在每次面试时可能需要出示其当前所在州或政府签发的有效身份证件。
Cognizant 是一家提供平等就业机会的雇主。在招聘过程中，您的申请和候选资格不会因种族、肤色、性别、宗教、信仰、性取向、性别认同、国籍、残疾、遗传信息、怀孕、退伍军人身份或任何其他受联邦、州或地方法律保护的特征而受到影响。