Senior Platform Engineer

Senior Platform Engineer 

Location: Australia
Work style: Remote, hybrid, or flexible depending on location
Level: Mid-Senior
Employment type: Full-time

About the role

We are looking for a Cloud Engineer to take ownership of our cloud infrastructure, security posture, cost optimisation, and operational reliability.

You will work across a modern web application stack built on AWS, Cloudflare, TypeScript, JavaScript, and SPA architecture. Our AWS infrastructure is currently managed using AWS CDK, although we are open to evolving our infrastructure-as-code approach where there is a strong technical case.

This is a high-impact role for someone who wants to own infrastructure end-to-end rather than sit in a narrow delivery lane. You will help shape how we scale, secure, monitor, automate, and govern our cloud environment as the company grows.

You will also play a key role in our security and compliance operations, including Vanta ownership, security certification readiness, device and access management, and infrastructure controls.

What you will own

Cloud infrastructure

You will own the design, implementation, maintenance, and improvement of our AWS and Cloudflare infrastructure.

This includes:

• Managing AWS resources using CDK or other appropriate infrastructure-as-code tooling.

• Improving cloud architecture for reliability, scalability, security, and maintainability.

• Managing networking, DNS, CDN, edge security, WAF, certificates, environments, IAM, logging, monitoring, and deployment infrastructure.

• Reviewing and improving our environment strategy across development, staging, and production.

• Helping engineering teams ship safely without slowing them down.

Security and compliance

You will be responsible for strengthening our technical security posture and supporting certification efforts.

This includes:

• Owning Vanta validation, evidence, alerts, and remediation actions for infrastructure, endpoints, access, and other technical systems.

• Supporting security certifications such as SOC 2, ISO 27001, or similar frameworks.

• Implementing and maintaining security controls across cloud infrastructure, access management, endpoint management, and engineering workflows.

• Reviewing IAM, secrets management, logging, backup, vulnerability, and incident-response practices.

• Helping determine whether an MDM solution is needed, then leading selection and implementation if required.

• Partnering with leadership and engineering on pragmatic, auditable security processes.

Cost, reliability, and operational excellence

You will continuously improve the way we run infrastructure.

This includes:

• Monitoring AWS and Cloudflare spend and identifying cost optimisation opportunities.

• Implementing practical observability across infrastructure and application-supporting services.

• Improving alerting, incident response, runbooks, backup practices, and disaster recovery readiness.

• Reducing manual operational work through automation.

• Creating clear documentation so the infrastructure is understandable, maintainable, and auditable.

AI Tooling and Agent Orchestration

You will integrate, manage, and use AI coding tools and autonomous agents to significantly enhance engineering productivity and workflow reliability, moving towards a "human over the loop" paradigm.

This includes:

• Infrastructure Automation: Leveraging AI tools (e.g., Claude Code, Cursor) for the rapid generation, refactoring, and maintenance of Infrastructure-as-Code (IaC) like AWS CDK.

• Workflow Optimization: Defining and orchestrating automated agent harnesses and "skills" (e.g., using agents.md files) to standardize development practices, automate bug fixes, and manage dependencies across cloud environments.

• Testing and Validation: Integrating AI-driven testing into CI/CD pipelines to automatically generate and execute unit and end-to-end tests, ensuring continuous reliability and security validation.

• Documentation Synthesis: Utilizing AI agents to automatically maintain and synchronize infrastructure documentation and operational runbooks with code changes to ensure accuracy and auditability.

What success looks like

In your first 3-6 months, you will have:

• Built a clear map of our AWS and Cloudflare infrastructure.

• Identified and prioritised security, cost, reliability, and compliance gaps.

• Strengthened IAM, access control, logging, monitoring, and alerting.

• Recommended whether we need MDM and, if appropriate, started implementation.

• Created practical infrastructure documentation and operational runbooks.

• Helped engineering move faster with safer and more repeatable cloud practices.

• Improved our Vanta evidence and remediation workflow.

What we are looking for

You should have solid hands-on experience with cloud infrastructure and the judgement to balance best practice with business reality.

Required experience

• Strong commercial experience with AWS in production environments.

• Experience with infrastructure as code, ideally AWS CDK, Terraform, Pulumi, or similar.

• Good understanding of Cloudflare, DNS, CDN, WAF, SSL/TLS, caching, workers, and edge security.

• Strong working knowledge of IAM, security groups, networking, secrets management, logging, monitoring, and backups.

• Experience supporting web applications, ideally SPAs or API-backed platforms.

• Practical understanding of cloud security, least privilege, auditability, and operational controls.

• Experience managing cloud cost, usage visibility, and optimisation.

• Strong documentation and communication skills.

• Ability to operate independently and take ownership without needing heavy direction.

Valuable but not required

• Experience with Vanta, Drata, Secureframe, or similar compliance automation platforms.

• Experience supporting SOC 2, ISO 27001, IRAP, Essential Eight, or similar security frameworks.

• Experience implementing or managing MDM tools such as Kandji, Jamf, Mosyle, Intune, JumpCloud, or similar.

• Experience with CI/CD, GitHub Actions, deployment pipelines, and environment automation.

• Experience with incident response, disaster recovery planning, or business continuity controls.

• Familiarity with containerised workloads, serverless architectures, or managed AWS services.

• Experience in a startup, scale-up, SaaS, fintech, healthtech, or security-conscious environment.

The kind of person who will do well here

You will likely enjoy this role if you:

• Like owning infrastructure rather than only responding to tickets.

• Care about security but know how to keep it pragmatic.

• Can explain technical trade-offs clearly to engineers and non-engineers.

• Prefer automation and documentation over repeated manual work.

• Are comfortable improving systems that already exist, not just designing greenfield architecture.

• Have strong judgement around when to use best practice, when to simplify, and when to escalate risk.

• Want a role where cloud engineering, platform ownership, security, compliance, and cost optimisation all intersect.

This is a direct application.

We are not working with agencies. Any unsolicited resume will be treated as a courtesy referral