IT Cloud Engineer

The Cloud Engineer role focuses on the design, implementation, and management of secure, scalable, and cost-effective cloud platforms across AWS and Azure environments. This position supports core infrastructure and architecture initiatives while enhancing engineering practices in areas such as networking, identity management, observability, and security. Responsibilities include developing and maintaining secure production environments with an emphasis on Kubernetes, identity-based access, and DevSecOps methodologies. The role also involves managing resilient EKS platforms, multi-cluster configurations, GitOps workflows, admission controls, network policies, and comprehensive identity frameworks.

FOUR DIAMOND SERVICE AGREEMENT
All Team Members will display a Four Diamond commitment to Customer Service through the delivery and maintenance of the Quality Standards established by Pechanga Resort Casino (PRC).

KEY RESPONSIBILITIES

• Design and Build: Multi-account/subscription landing zones, VPC/VNet topologies, private connectivity (Transit Gateway, PrivateLink/Private Endpoint, VPN/Direct Connect/ExpressRoute) and secure baseline controls
• Platform Ops: Run production environments (patching, backups, DR, autoscaling, capacity planning, OS/hypervisor images, AMIs/VM images)
• Identity & Security: Implement least-privilege IAM/Entra ID, SSO, Conditional Access, secrets management (AWS KMS, Azure Key Vault) and policy guardrails (SCPs, Azure Policy)
• Networking: Build resilient L3/L7 routing, load balancing (ALB/NLB, Azure LB/App GW), DNS, TLS and service-to-service connectivity (PrivateLink, VNet peering, TGW)
• Observability: Standardize logging/metrics/tracing (CloudWatch, Azure Monitor/Log Analytics), create SLOs/dashboards and incident response runbooks
• Author high-fidelity analytics (KQL) mapped to MITRE ATT&CK, tune noisy rules, implement UEBA and wire SOAR/playbooks for auto-containment (isolate instance, block token, rotate keys, disable user)
• Normalize/ingest logs from cloud control planes, EDR, firewalls, API gateways, containers and serverless into SIEM
• Shift-left controls in CI/CD (GitHub Actions and Azure DevOps)
• Lead Kubernetes cluster lifecycle management (provisioning, upgrades, scaling, monitoring, troubleshooting)
• Lead efforts around observability, policy enforcement, cost optimization and RBAC/security hardening within the Kubernetes cluster
• Support CI/CD pipelines and GitOps-based deployment
• Ability to troubleshoot issues related to networking, storage, interdependencies, security, etc.
• Building highly available, cost efficient, fault tolerant and scalable distributed systems
• Ensure the stability, integrity and efficient operation of the infrastructure
• Manage Linux based tools, position requires experience with Linux and scripting
• Writing and enforcement of security policies in a cloud environment
• Assist in reviewing logs, writing alerts and tag management
• Configure and maintain permission sets and access privileges to all cloud resources
• Continuously manage the configuration of all AWS Org environments and AWS services

Accountability: This position has no supervisory responsibilities. The Team Member is responsible for protecting the assets of PRC.
________________________________________

QUALIFICATIONS AND GUIDELINES
________________________________________

EXPERIENCE/TRAINING/EDUCATION: Bachelor's degree or equivalent in IT, computer science or related field; and a minimum of (7) years or more of relevant work experience; or Equivalent combination of education and progressive, relevant and direct experience may be considered in lieu of minimum educational/experience requirements indicated above.

• 6 years working in an enterprise level environment designing, building server, storage & network solutions in virtualized environments.
• 3 years of experience implementing private/public and/or hybrid cloud solutions.
• 3 year experience in container technology like Docker, Kubernetes or EKS.

COMMUNICATION SKILLS: This position requires the ability to read, analyze, and interpret common scientific and technical journals. This position also requires the ability to respond to common inquiries or complaints from customers, regulatory agencies, or members of the community. The position also requires the ability to write justification and recommendations along with the ability to effectively present information to top management, public groups, and/or boards of directors as required.

REASONING ABILITY: The position requires the ability to solve practical problems and deal with a variety of concrete variables in situations where only limited standardization exists. This position also requires the ability to accurately interpret a variety of instructions furnished in written, oral, diagram, or schedule form.

Certificates, Licenses, Registrations:

• Obtain and maintain a gaming license
• Possess and maintain a valid driving license with an acceptable driving record as defined by the Tribe’s insurance carrier

SKILLS/ABILITIES:
Advanced knowledge of:

• Experience working in AWS
• Experience working in Azure
• Experience with working in a Kubernetes based environment
• Linux system administration
• Windows system administration

Experience with:

• AWS RDS, Redshift, Glue, as well as basics such as IAM, S3, EC2, and Lambda
• AWS Load Balancing (ALB, NLB, GLB)
• AWS Security Services (AWS Trusted Advisor, GuardDuty, CloudWatch, Inspector, WAF, CloudTrail and SecurityHub)
• Docker, Kubernetes, and EKS
• Deep understanding of Kubernetes and its ecosystem (i.e service meshes, scalability, volume management, etc.)
• Hashicorp Vault
• Must have a high aptitude for understanding packet traces, logs, security event flow and related technologies
• Hands-on experience of technology infrastructure, network, compute, storage and virtualization

Familiar with:

• AWS Networking (VGW, TGW, DGW)
• Public cloud and private cloud architectures.
• Docker, Kubernetes and EKS.
• AWS CLI, PowerShell, Terraform
• Linux based tools

Other Qualifications:

• Ability to be self-motivated and resourceful with limited supervision
• Ability to work within a team and as an individual contributor in a fast-paced, changing environment
• Ability to work in a highly matrixed and culturally diverse casino environment
• Must be able to take direction and follow through with assigned tasks
• Able to prioritize initiatives and communicate effectively with leadership on these priorities
• Ability to handle complex issues and problems
• Must be flexible and willing to travel, work nights, weekends and holidays and be on-call

DISCLAIMER:
The above information on this description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.