Role Summary
We are seeking an experienced AWS Cloud Architect to join us. This is a dual-mandate role: you will ensure the reliability, security, and continuous evolution of our production IoT SaaS platform, while concurrently leading cloud architecture for our next-generation Intelligent Building Management System (iBMS). You will work hands-on with AWS-managed services and IoT protocol stacks, collaborating closely with firmware, backend, and product teams.
Key Responsibilities
- Own end-to-end AWS infrastructure for our SaaS products, ensuring high availability, low latency, and security.
- Manage AWS services for identity, databases, storage, and messaging in a multi-tenant environment.
- Maintain Kubernetes cluster health: scaling, RBAC, pod autoscaling, and upgrade cadence.
- Enforce security best practices: IAM least-privilege, network segmentation, device-to-cloud authentication, and compliance with SOC 2 / ISO 27001.
- Collaborate with firmware and backend teams on IoT device onboarding, OTA updates, and protocol integration.
- Lead cloud architecture for our next-generation Intelligent Building Management System (iBMS), spanning IoT, data, and AI layers.
- Own infrastructure cost governance, disaster recovery plans, and RTO/RPO commitments.
Required Qualifications & Experience
- AWS Certified Solutions Architect - Professional (mandatory) AWS Certified DevOps Engineer -Professional (advantageous).
- Proven experience designing event-driven, microservices architectures for multi-tenant SaaS products.
- Expert Python programming intermediate Go JavaScript/TypeScript/C/C++ advantageous.
- Deep proficiency with core AWS services: EKS, ECS, ECR, IAM, Cognito, API Gateway, S3, SNS, Route53,CloudFront, CloudWatch, and KMS.
- Hands-on Kubernetes administration (RBAC, HPA/VPA/KEDA, network policies) and Istio service mesh (mTLS, traffic management, observability).
- Infrastructure as Code using Terraform (preferred) or AWS CDK CI/CD pipeline experience with GitHub Actions, GitLab CI, or Jenkins.
- Observability stack experience: Prometheus, Thanos, and Grafana.
- Familiarity with IoT protocols (MQTT, Modbus, LoRaWAN, Zigbee, BACnet/IP) and device provisioning patterns (X.509, OTA updates).
- Prior experience in an architect or principal engineer role, ideally in an IoT or SaaS environment.
Preferred Qualifications
- Experience developing cloud solutions compliant with ISO 27001, SOC 2, or Singapore CyberSG requirements.
- Background in smart building platforms, IBMS, SCADA, or building automation systems (BAS).
- Experience with Digital Twin platforms and related data models.
- Experience with payment gateway integrations and PCI-DSS compliance.
- Exposure to AI/ML workloads on AWS (SageMaker, Bedrock) for analytics or forecasting applications.
- Knowledge of Singapore BCA Green Mark requirements and smart building energy standards.
Core Competencies
Technical Leadership:
- Systems thinking - holistic design across stack layers
- Trade-off analysis (build vs. buy, consistency vs. availability)
- Security-first mindset in all design decisions
- Data-driven performance optimisation
- Ownership mentality for production reliability
Interpersonal & Delivery:
- Ability to communicate architecture to non-technicalstakeholders
- Strong written documentation habits (ADRs, runbooks, RFCs)
- Collaborative approach with firmware, product, and QA teams
- Calm under production incident pressure structured incident command
- Self-directed able to prioritise across parallel workstreams
What We Offer
- Dual mandate role with significant technical scope: live SaaS operations plus greenfield iBMS platform development.
- Opportunity to architect and build a next-generation Intelligent Building Management System from inception.
- Exposure to the full IoT stack: from field device protocols to cloud data platforms and AI-driven building analytics.
- Collaborative engineering culture with short decision cycles and direct access to product leadership.
