What I Do
I help engineering teams build infrastructure that scales without burning money or burning out. Currently open to full-time Staff/Principal roles and selective consulting engagements.
AWS Platform Architecture
Design and implement multi-account AWS organizations from scratch. Control Tower, Account Factory for Terraform, SCPs, guardrails — the full landing zone.
- Self-service account vending via merge requests
- Blast-radius isolation between teams and environments
- Compliance guardrails that prevent misconfigurations before they happen
Terraform Module Strategy
Transform monolithic Terraform into a composable module ecosystem your whole team can contribute to.
- 60% reduction in plan times through module decomposition
- Standardized patterns that scale from 1 to 25+ engineers
- CI/CD guardrails (Checkov, tflint, automated validation)
CI/CD Pipeline Design
Build deployment pipelines that get code from commit to production safely and fast. GitHub Actions, GitLab CI, or whatever your team uses.
- Deployment cycles compressed from days to minutes
- OIDC-based keyless authentication (no stored secrets)
- Automated testing, scanning, and approval gates
Cloud Cost Optimization
Find the money you're wasting on AWS and put it back in your budget. Environment consolidation, right-sizing, managed service migration.
- $750K+ in cumulative savings delivered across multiple organizations
- Automated decommissioning of unused resources
- Ongoing cost governance and budget alerting
Infrastructure Audit
Comprehensive review of your AWS infrastructure, Terraform code, security posture, and operational practices. Delivered as a prioritized action plan.
- Security gaps identified and remediation plan delivered
- SOC 2 / compliance readiness assessment
- Architecture recommendations with cost-benefit analysis
Observability & Incident Response
Set up monitoring, alerting, and on-call practices so your team catches issues before customers do.
- Grafana/CloudWatch dashboards with actionable alerts
- PagerDuty integration with automated triage
- Runbooks and incident response playbooks
How I Work
Project-Based
Scoped engagement: audit, design, implement, hand off. Ideal for specific infrastructure initiatives.
Fractional Infrastructure Lead
Ongoing part-time engagement. I embed with your team as a senior infrastructure advisor.
Advisory / Office Hours
Regular check-ins for architecture review, code review, and strategic guidance.
Let's talk
Looking for a Staff Infrastructure Engineer, or need help with a specific infrastructure challenge? Reach out.
moses@aronov.me