Cloud Engineer / Senior Cloud Engineer – Networking: AWS (IGT1)

IGT1 is a rapidly growing offshore technology and talent solutions company based in Port City Colombo. We are a fully owned subsidiary of IGT I Holdings Sweden AB, funded by the three of world’s leading private equity firms; EQT Group, Hg, and TA Associates. We’re also proud to be a sister company of IFS, Sri Lanka’s largest and most established technology company. 

At IGT1, we partner with global businesses to provide them with an operation that maximizes efficiency, spurs growth, allows them to develop and deliver world-class product and services, and create long-term value. Our people-first culture champions diversity, teamwork, and continuous learning, creating an environment where talent thrives. 

With a team of over 500 professionals and counting, we are always looking for passionate, skilled individuals who want to make a global impact while being part of something extraordinary. 

Through our offshore collaboration model, you'll be embedded within the team of one of our esteemed international clients, contributing directly to high-impact, enterprise-level initiatives.

About Rhapsody:

Rhapsody Health is at the forefront of revolutionizing healthcare with cutting-edge technology that drives meaningful change. Our platform empowers healthcare providers and patients to enhance care delivery and streamline processes, making a tangible impact on the healthcare landscape. As a B Corporation, we are deeply committed to balancing purpose with profitability, and our global team spans countries including Canada, Spain, Switzerland, the United Kingdom, the United States, New Zealand and Sri Lanka.

We are seeking Staff Developers to join our mission of transforming healthcare through innovation and excellence. In this role, you'll be instrumental in advancing our world-class healthcare solutions, collaborating closely with product, design, and engineering teams in a dynamic, outcome-focused environment. If you’re passionate about making a difference and thrive in a collaborative setting, we invite you to be part of our journey to redefine healthcare for the better.

The Cloud Engineer – Networking focuses on thedesign, operation, and troubleshooting of network services that underpin Rhapsody’s AWS‑hosted platforms (RaaS, CaaS, Envoy, Identity/NGS). You will build and supportsecure, resilient connectivity VPC/VPCe, Transit Gateway, Direct Connect, site‑to‑site VPNs (including Sophos XG or similar), routing, DNS, and load balancing while partnering with CloudOps/SRE, Security, Product Support, and customer teams across US/UK/APAC time zones. Success in this role requires strongnetworking fundamentals,hands‑on AWS networking, crisp incident handling, and a service‑oriented mindset.

Key Responsibilities

• Design, configure, and operateAWS networking: VPC/VPCe, Subnets, Route Tables, NACLs, Security Groups,Transit Gateway,PrivateLink, NAT, IGW,Route 53, and hybrid connectivity patterns.
• Build and maintainsite‑to‑site VPNs (IPsec) andDirect Connect (with BGP), including failover and HA designs; administerSophos XG (or equivalent) virtual firewalls.
• ManageLayer‑4/7 traffic usingALB/NLB,AWS WAF, TLS termination, and client/server certificate workflows (PKI).

• Lead deep‑dive troubleshooting fornetwork connectivity (AWS ↔ customer DC/cloud), packet flow, NAT, routing asymmetry, MTU/fragmentation, TCP/TLS, DNS, and identity‑adjacent issues.
• Instrument and monitor network health (CloudWatch, VPC Flow Logs, Datadog, firewall logs); respond to alerts, drive rapid mitigation, and provide clearRCA inputs.

• Execute network changes and environment builds usingTerraform andAWS CLI following change controls and maintenance windows.
• Develop scripts (Bash/Python/PowerShell) for validation checks, log parsing, and configuration hygiene; reduce toil via automation and golden patterns.

• Enforce least‑privilege network access, segmentation standards, and encryption in transit; collaborate with Security on detections and guardrails.
• Maintain auditable documentation (diagrams, SOPs/runbooks, firewall rulesets, cert inventories) and support patching/compliance activities.

• Work directly with customer IT/network teams to set upconnectivity (VPN/DCX), perform cutovers, and resolve issues; explain decisions and trade‑offs clearly.
• Partner with SRE/Engineering to improve observability, resiliency, and performance; assist Support with network‑centric cases.

• Participate in theglobal on‑call rotation for P1/P2 incidents; own clean shift handoffs and accurate ticket hygiene.
• Contribute topost‑incident reviews, knowledge base articles, and continuous improvement initiatives.

Required Qualifications

• 2-3 yearsfor Cloud Engineer or3-5 years for the Senior Cloud Engineer in Cloud/Network Engineering, Network Operations, or SRE with strong networking focus.
• Hands‑onAWS networking experience (VPC/TGW/Route 53/ALB‑NLB/PrivateLink/VPN/Direct Connect/BGP).
• Strongnetwork fundamentals: TCP/IP, routing (static/BGP), NAT, ACLs, firewalls, DNS, TLS/PKI, IPsec; packet capture/flow analysis (e.g., tcpdump, Wireshark).
• Proficiency with Bash, Python,Terraform andAWS CLI; Git‑based workflows and change control discipline.
• Linux administration fundamentals; comfort reading system/app logs.
• Experience infollow‑the‑sun/24×7 environments withon‑call participation.
• Excellent written and verbal communication for global and customer‑facing work.

Preferred Qualifications

• Certifications (one or more): AWSAdvanced Networking – Specialty, AWSSolutions Architect – Associate/Professional,CCNA/CCNP,Network+, orFortinet/Sophos equivalents.
• Experience withSophos XG (or similar virtual firewall),IPsec/IKEv2 tuning, and HA patterns.
• Exposure toobservability/SIEM/EDR (Datadog, Rapid7, SentinelOne) and security best practices.
• Familiarity with healthcare integration engines (Rhapsody/Corepoint) or other enterprise SaaS workloads.
• Scripting beyond basics (Python/Bash) and CI/CD familiarity.

Shift & On‑Call Expectations

• Assignedshift coverage aligned with global operations; occasional shift adjustments for maintenance or projects.
• Participation inrotational on‑call for P1/P2 events per local policy
• Precisehandoffs and status updates at shift boundaries.

Education

• College degree in Computer Science, Information Technology, or a closely related fieldpreferred
• Demonstrated, relevant experience may besubstituted for a degree
• AWS certification preferred (e.g., AWS Solutions Architect, AWS Advanced Networking – Specialty)

We champion flexibility and hybrid work options to support varying lifestyles and personal needs. At the same time, we value the power of in-person collaboration to build community, spark innovation, and strengthen connections. Our approach ensures you can work in ways that suit you best while still engaging with colleagues to share ideas and grow together. #LI-Hybrid #LI-DNP