Senior Infrastructure Engineer (AWS)

About us

uMed is a healthtech and data platform transforming clinical research through real-world and patient-generated data. Our platform enables rapid, decentralized research and high-quality data generation across a global healthcare network. As we scale our next-generation data platform, we are investing in strong infrastructure foundations to support secure, reliable, and compliant data and application workflows.

Role Overview

We are looking for a Senior Infrastructure Engineer (AWS) to take ownership of our cloud and hybrid infrastructure. This role is responsible for designing, securing, and operating our AWS environment, managing access and identity across teams, and supporting integration with third-party and on-premise systems (e.g., TPP). A key part of this role is reducing operational overhead by improving infrastructure design, access models, and system standardization. You will play a critical role in moving us from reactive infrastructure management to a scalable, well-governed platform. You will act as the primary owner of infrastructure-related decisions and best practices across the organization.

AWS Infrastructure Ownership

• Own and manage uMed’s AWS environment across dev, staging, and production
• Design and maintain VPCs, networking, and environment isolation
• Manage core services including EC2, ECS/Fargate, RDS, S3, and Redshift
• Implement and maintain Infrastructure-as-Code (Terraform or equivalent)
• Manage cloud-hosted databases (e.g., RDS), including provisioning, access control, backup/restore, and security configuration

Access & Identity Management (High Priority)

• Design and manage IAM roles, policies, and permission models
• Provision secure access for internal teams, external collaborators, and offshore teams
• Enable secure connectivity via:
• IAM / AWS Identity Center
• Role-based access
• Bastion hosts / tunnel servers where required
• Improve and standardize access models and patterns to reduce manual provisioning

Hybrid & Third-Party System Management

• Lead setup and ongoing management of third-party/on-premise systems (e.g., TPP Hub/Reporting Unit)
• Provision and manage VM-based environments (Linux/Windows)
• Configure networking and connectivity (VPNs, IP whitelisting, firewall rules)
• Troubleshoot and resolve issues across AWS and vendor-managed systems
• Work directly with external vendors to support deployment and maintenance
• Document setup, dependencies, and recovery processes
• Provide occasional support for issues in third-party systems deployed in external environments (e.g., GP practice systems), including troubleshooting installation or connectivity issues in collaboration with end users and vendors

Reliability, Backup & Disaster Recovery

• Define and implement backup strategies across all critical systems
• Own disaster recovery planning (RTO/RPO), execution, and testing
• Regularly test restore and failover processes
• Improve system resilience and reduce operational risk

Monitoring, Security & Compliance

• Implement and maintain monitoring, logging, and alerting (CloudWatch, DataDog)
• Ensure infrastructure aligns with security best practices and ISO 27001 requirements
• Maintain auditability of access and system activity (CloudTrail, logging)
• Support vulnerability management and incident readiness

Infrastructure Hygiene & Cost Management

• Identify and remove unused or underutilized resources
• Implement tagging, cost allocation, and cost optimization practices
• Maintain a clean, well-structured AWS environment

Platform & Automation Improvements

• Automate provisioning and operational workflows
• Reduce manual and repetitive infrastructure tasks
• Improve system design to minimize incidents and operational overhead

Required Experience

• 5+ years of experience in infrastructure / DevOps roles
• Strong hands‑on experience with AWS (VPC, EC2, ECS/Fargate, S3, RDS, Redshift)
• Proven experience managing multi‑account AWS environments
• Experience designing and managing secure, auditable access to AWS resources, including data platforms
• Strong understanding of networking (VPCs, VPNs, routing, security groups)
• Experience with Infrastructure-as-Code (Terraform or CloudFormation)
• Experience with backup, restore, and disaster recovery planning and testing
• Strong Linux and scripting skills (Bash/Python)
• Experience with monitoring tools (DataDog, CloudWatch)
• Comfortable troubleshooting issues in external or user‑managed environments where infrastructure is not directly controlled

Desirable Experience

• Experience integrating with on‑premise or third‑party systems
• Experience working in regulated environments (ISO 27001, HIPAA, GxP)
• Exposure to Windows‑based environments (for hybrid/vendor systems)

What Success Looks Like in This Role

• Access provisioning is structured, secure, and scalable
• Infrastructure is standardized, automated, and well‑governed
• Disaster recovery processes are tested and reliable
• Hybrid/vendor systems (e.g., TPP) are stable and well‑managed
• Operational workload reduces over time through improved system design

Benefits

• Private Health Insurance to keep you covered
• Pension Plan to help you secure your future
• Plenty of Paid Time Off for your well-deserved breaks
• Work From Home equipment budget for a comfortable working space
• Flexible Benefits platform tailored to your needs
• Enjoy your Birthday Day Off on us!
• Eye‑test vouchers for Specsavers to look after your eyesight
• Coworking policy – catch up with the team as regularly as once a week