Verified Employer Hiring Fast Featured Role

Senior Cloud Engineer

Heirs Technologies verified
flag
Location
location_on -
Work Model
home_work onsite
Job Type
work Full-time
External Interest
open_in_new 0 clicks
Salary
payments Competitive

Intelligence Match

Match: ??%

rocket_launch
Skills Match 87%
Experience Match 88%
Portfolio Match 84%
lock

Unlock Your Personalized Match

Sign in to see your exact score breakdown and personalized insights.

Sign In

Team Tagline

No Tagline provided.

About the role

Heirs Technologies is the technology subsidiary of Heirs Holdings, Africa's leading investment holding company. We are building a next-generation digital banking platform for one of Africa's largest financial institutions — a product built to serve 15 million users at launch, scaling to hundreds of millions across the continent and diaspora. This is a once-in-a-generation opportunity to work on infrastructure that will define how Africa transacts, saves, and grows.

As a Senior Cloud Engineer, you will be a hands-on builder of the cloud infrastructure that powers Africa's most ambitious digital banking platform. You will design, provision, and operate a dual-cloud environment across AWS and Azure — ensuring it is always on, highly secure, infinitely scalable, and built entirely in code.

Required Skills

AWS CI/CD Kubernetes Google Cloud (GCP) Linux Shell Scripting Redis Cassandra

Preferred Skills

Docker Identity & Access Mgt PostgreSQL Ansible Datadog Cloudflare GDPR Compliance

Responsibilities

  • Dual-Cloud Infrastructure — Design, provision, and maintain production-grade cloud infrastructure across both AWS and Azure — ensuring both environments mirror each other in architecture, connect reliably to the institution's on-premises Core Banking systems, and operate with no single point of vendor dependency.
  • Infrastructure as Code — Define every environment — dev, staging, and production — in version-controlled IaC. Terraform, Ansible, and Bash are the approved tools for infrastructure provisioning and automation. No manual cloud provisioning. All environments must be reproducible, auditable, and spun up on demand.
  • High Availability & Resilience — Architect and maintain highly available configurations across all services, databases, middleware, and storage — targeting 99.99% platform uptime. Implement circuit breakers, retry logic, auto-scaling, and graceful fallbacks so users never feel a backend failure.
  • Private Networking & Zero Trust — Own the platform's private network architecture — ensuring every cloud environment is isolated, segmented, and built on the principle that no internal service is ever publicly reachable. Design and maintain the full private networking stack across AWS and Azure: VNets, dedicated subnets, NSGs, private DNS, and private endpoints for all managed services. Enforce zero-trust principles across all internal communication — no implicit trust, every request authenticated and authorised. Public internet exposure is limited strictly to approved entry points: Cloudflare DDoS → WAF → API Gateway.
  • Auto-Scaling & Cost Efficiency — Own the platform's approach to scalability and cloud cost efficiency — ensuring infrastructure responds dynamically to demand and never carries unnecessary cost. Configure services to scale to zero at idle and scale out at peak without manual intervention. Continuously monitor and optimise cloud resource consumption — ensuring no environment is over-provisioned and every element of platform spend is lean and justified.
  • Managed Services & Platform Stack — Provision and operate the platform's managed cloud services — including PostgreSQL (Azure Database for PostgreSQL, Amazon RDS/Aurora), Apache Cassandra (Azure Managed Instance, Amazon Keyspaces), Redis, RabbitMQ/Azure Service Bus/Amazon SQS, and Kong API Gateway.
  • Secrets & Key Management — Manage all secrets, certificates, and encryption keys through Azure Key Vault, AWS Secrets Manager, or equivalent secrets management platform. Enforce rotation schedules. Ensure no credential is ever hardcoded in application code, configuration files, or container images.
  • Security & Compliance — Implement and maintain cloud security controls — including AES-256 encryption at rest, TLS 1.2+ in transit, DLP monitoring for abnormal data transfer and unauthorised export, and alerting on policy changes or attempts to disable logging. Contribute to PCI DSS and CBN compliance posture.
  • Observability — Instrument cloud infrastructure with centralised logging, metrics, and alerting from day one. Ensure every layer of the infrastructure stack is fully visible — no blind spots in production.
  • CI/CD Integration — Integrate cloud infrastructure provisioning into DevSecOps pipelines — ensuring infrastructure changes flow through the same automated, security-gated pipelines as application code.
security

Job Application Safety Disclaimer

Your security and privacy are our top priorities. Please be aware that InStreamIQ will never ask you to pay any fees for job applications, placements, or training as a condition of employment.

Furthermore, legitimate employers will not ask for sensitive personal identification such as your Bank Verification Number (BVN), National Identification Number (NIN), or Passport details during the initial application phase. Do not share financial information or make any payments to individuals or organizations claiming to represent an employer. If you encounter any suspicious requests, please report the listing immediately via our support channels.

fact_check

Confirm Application & Data Sharing

By proceeding, you consent to sharing your InStreamIQ professional profile with Heirs Technologies for the purpose of applying for the Senior Cloud Engineer position.

Shared data includes your: Email address, Work Experiences, Educational Background, Technical Skills, and Portfolio Projects.

This information is shared exclusively for this specific candidacy. You can manage your privacy settings in your dashboard.

exit_to_app

Leaving InStreamIQ

You are moving to an external platform to complete your application. Please note that InStreamIQ is not responsible for the data security or privacy practices of third-party websites.

Safety Reminder: Do not share highly sensitive information like BVN, NIN, or make any form of payment on external sites.

By clicking 'Continue', you acknowledge that you are proceeding at your own discretion to the employer's chosen platform.