JOBS

KeHE seeks a Cloud Engineer to join their team. The Cloud Engineer will lead the configuration and optimization of our enterprise cloud solutions. This role will be responsible for ensuring the security, standards, performance, and reliability of all cloud infrastructure—including computer, networking, storage, and disaster recovery across the organization. This individual will be a strategic thinker with excellent technical acumen, project execution capability, and a commitment to continuous innovation and leadership.
Pay Range: $95,700.00/Yr. – $140,239.00/Yr. Benefits on Day 1: Health/Rx; Dental; Vision; Flexible and health spending accounts (FSA/HSA); Supplemental life insurance; 401(k); Paid time off; Paid sick time; Short-term & long-term disability coverage (STD/LTD); Employee stock ownership (ESOP); Holiday pay for company designated holidays.
Some essential functions are the following:

• Cloud Architecture/Deployment/Automation & CI/CD
  • Build and maintain scalable and secure multi-cloud environments across AWS and Azure.
  • Configure core infrastructure components including:
    • Compute: EC2, Lambda, ECS (AWS); Virtual Machines, App Services, Functions (Azure).
    • Networking: VPCs, Transit Gateway, Route 53 (AWS); VNets, Private Endpoints, DNS Zones, Load Balancers (Azure).
    • Storage: S3, EBS, EFS (AWS); Blob, File Share, Disk Storage (Azure).
    • Databases: RDS, DynamoDB (AWS); Azure SQL, Cosmos DB (Azure).
  • Develop and manage infrastructure-as-code (IaC) using Terraform, Bicep, or CloudFormation for repeatable, version-controlled deployments.
  • Automate provisioning, patching, scaling, and maintenance tasks through Python, PowerShell, or Bash scripting.
• Monitoring/Logging/Performance Optimization
  • Configure and manage observability solutions using CloudWatch, CloudTrail, Azure Monitor, and Log Analytics.
  • Implement centralized logging and alerting with Elastic Stack (ELK), Grafana, or Azure Sentinel.
  • Conduct proactive cost optimization, rightsizing, and resource tagging across both clouds.
• Security/Compliance/Networking/Connectivity
  • Manage secrets and keys using AWS Secrets Manager, Azure Key Vault, and Parameter Store.
  • Enforce compliance with organizational and regulatory standards (e.g., CIS, NIST, ISO 27001) through automated policies using AWS Config, Azure Policy, and Defender for Cloud.
  • Conduct vulnerability scanning & remediation as well as patch management on cloud resources.
  • Work with Security team to establish and enforce corporate policies, standards and frameworks, ensuring all products and solutions are aligned.
  • Collaborate with Security teams to monitor and respond to threats and alerts.
  • Design and maintain hybrid network connectivity between on-premises and cloud environments using VPN, ExpressRoute, and Direct Connect.
  • Implement network segmentation, firewall rules, and private endpoints for secure data flows.
  • Troubleshoot DNS, load balancing, and routing issues across both platforms.