AWS Infrastructure Engineer (Contract)
Feb 2026 — Apr 2026 | Perth, Australia
About
Joint venture between UWA, Main Roads WA, and the Department of Transport, using data analytics and computer vision to improve road safety and urban transport planning across Western Australia. Processing large-scale traffic surveillance video using computer vision (YOLOv8) and GPU-accelerated analytics for urban transport planning.
Responsibilities
Designed, built, and delivered the entire ML cloud platform from scratch with 21 Terraform modules, ~200 resources, multi-region ready with data sovereignty controls. Built around an event-driven, loosely coupled architecture following the AWS Well-Architected Framework.
Highlights
New region deployment requires a config file change and one command, no code duplication. Built the entire IaC foundation from scratch using reusable Terraform modules, ~200 resources, remote state in S3 with DynamoDB locking. Each AWS service is its own independently testable module, wired through a single environment file.
Cut ML pipeline processing time by 71% (51 minutes to 15 minutes). Redesigned the compute layer into a GPU-accelerated AWS Batch pipeline with dynamic parallelism scaling from 2 to 60 chunks based on video size. Found and fixed an IAM misconfiguration that was silently over-parallelizing every job.
Reduced compute costs by 60-70% and idle cost from $12/day to $0. Spot instances with On-Demand fallback handle 70% of workloads. GPU instances scale to zero when no jobs are running.
ML team ships new model versions without touching infrastructure. Built a 10-stage orchestration pipeline taking raw video through preprocessing, stabilisation (OpenCV CUDA), object detection (RT-DETR on TensorRT), multi-object tracking (DeepStream NvDCF), track stitching, and rendering. Each stage runs in its own GPU container with automatic retry, self-healing, and real-time progress tracking.
Every code change reviewed, every infrastructure change auditable. Set up GitHub Actions CI/CD for 6 ML containers + 1 frontend with automated builds to ECR, ECS Fargate deployment with database migrations via SSM tunnel. Separate Terraform workflow with plan-on-PR and apply-on-merge, numbered plan files for audit trail, and Copilot code review on every pull request.
Zero public attack surface on the frontend. Designed and deployed CloudFront CDN with WAF protection (SQL injection, XSS, bot control, rate limiting, geo-restriction), ALB with origin verification, ECS Fargate for the application, HTTPS with security headers everywhere. DNS and ACM certificates across multi regions.
Locked down the ML platform end to end. VPC-isolated compute in private subnets with no inbound access, KMS encryption at rest, TLS 1.2+ in transit, all credentials in Secrets Manager with auto-rotation. API Gateway with two-layer authentication, WAF rules, HSTS headers, CORS restrictions, and per-tenant signed cookies. CloudTrail and GuardDuty for audit logging and threat detection.