About PayCargo:
Millions of shipments with goods and materials move around the world daily, by land, sea, or air.
PayCargo is the world's leading online payment solution that is revolutionizing the shipping and cargo world. With a fast and efficient way to reduce costs associated with payment processing, we help improve the speed and profitability of our customers' businesses.
PayCargo's platform connects payers and vendors across the cargo and logistics ecosystem, supporting payments, remittance data, integrations, vendor release workflows, and customer-facing digital experiences.
About the Role:
The Director of Cloud & AI Platform Architecture is the most senior of PayCargo's platform engineering roles, sits on the DevSecOps team, and operates as the technical second-in-command to the VP of Infrastructure & Security. The role owns architecture across cloud infrastructure, identity and access, the secure AI platform, Bedrock and model strategy, security boundaries, egress design, tokenization and PII-protection patterns, application certification gates, resilience, and long-term platform direction.
This is a hands-on director-level technical leadership role. The person will be expected to design, review, implement, troubleshoot, and operate critical cloud, security, and AI platform capabilities. This is an individual-contributor role with no direct reports; the role is primarily accountable for technical ownership and execution.
This is not a diagram-only or strategy-only role. Every design the Director produces includes an ownership model, deployment path, security boundaries, logging and monitoring, cost controls, failure modes, rollback approach, and runbook expectations so the team can operate it. The role requires deep, current, hands-on experience and the judgment to balance long-term architecture with the practical realities of a modernizing platform.
The Director of Cloud & AI Platform Architecture partners closely with DevOps, Security, Engineering, Product, Compliance, and executive stakeholders to ensure designs are runnable, supportable, and aligned to PayCargo's business and risk priorities.
This position is an individual contributor with no direct reports and operates as a player-coach. The role leads through technical ownership — setting architecture standards, guiding engineers and DevOps through implementation, and ensuring every design can be operated and supported by the team.
As the Director, Cloud & AI Platform Architecture, you will:
Runnable Architecture & Standards
- Design architecture that can be implemented, monitored, secured, cost-managed, and supported by the team
- Ensure every design includes ownership model, deployment path, security boundaries, logging and monitoring, cost controls, failure modes, rollback approach, and runbook expectations
- Define reusable patterns, reference architectures, and Terraform standards that engineers can follow consistently
- Balance long-term architecture with practical modernization of legacy systems and integrations
Cloud & Platform Design
- Architect scalable, resilient solutions across a multi-account, multi-region AWS estate (including VPC peering) and Azure, with redundancy, failover, and disaster recovery
- Guide integration and API design across established systems (EC2-based services, file processing) and newer ECS and serverless workloads, including modernization of legacy integrations
- Define cost-aware designs and help manage cloud and model-usage spend
- Partner with DevOps to ensure designs map cleanly to Terraform and the GitHub Actions deployment pipelines
Identity, Security & Access
- Own the identity and access architecture, including AWS IAM and IAM Identity Center, Microsoft Entra ID, GitHub OIDC federation for CI, and the SSO/SAML and OAuth2/OIDC patterns that connect them
- Set standards for PKI and encryption in transit (AWS Private CA, ACM, mTLS, ALB trust stores) and for zero-trust network access (Entra ID groups, Tailscale)
Secure AI Platform Architecture
- Inform the design of a contained, secure AI platform, including a stateless model layer and an application layer that acts as the control plane
- Define boundaries for tokenization, PII protection, and whitelisted egress so sensitive data is not exposed to model providers
- Establish certification and approval expectations for applications before deployment
- Plan for model-cost strategy, build-versus-buy optionality (including where AWS Bedrock fits), and resilience without over-engineering
Cross-Functional Partnership
- Work with Security to ensure designs include controls, boundaries, and auditability from the start
- Partner with Engineering and DevOps to validate that designs are implementable and supportable
- Advise Product and executive stakeholders on trade-offs, sequencing, and risk
- Document architecture decisions, standards, and runbook expectations clearly
Required Qualifications:
- 7+ years of hands-on architecture, platform, and senior engineering experience
- Deep, current, hands-on experience across cloud infrastructure, platform and security architecture, production operations, and AI/model infrastructure — or the demonstrated ability to own that architecture quickly
- Strong experience designing and operating solutions on AWS (multi-account, networking, ECS/Fargate, Lambda), with working knowledge of Azure or Entra ID
- Strong understanding of integration patterns, APIs, and data architecture
- Experience designing identity and security boundaries: IAM, SSO/SAML, OAuth/OIDC, and PKI or mTLS
- Experience designing for security, redundancy, disaster recovery, and cost control
- Ability to produce designs with clear ownership, deployment, monitoring, failure modes, and rollback
- Strong understanding of CI/CD (GitHub Actions and OIDC-based deploys), infrastructure-as-code (Terraform), and observability
- Ability to translate architecture into standards engineers can implement and support
- Strong communication and documentation skills, and the ability to influence without direct authority
Experience and Education:
- Bachelor's degree in Computer Science, Information Technology, Engineering, or a related field, or equivalent practical experience
- 7+ years of hands-on architecture, platform, and senior engineering experience
- Demonstrated experience designing and operating production systems in cloud environments
- Experience producing architecture that includes security, monitoring, cost, and operational ownership
- Payments, fintech, SaaS, or logistics experience is a plus
Preferred Qualifications:
- Experience designing secure AI/LLM platforms, including model containment, tokenization, and egress control
- Experience with AWS Bedrock or comparable managed model services
- Experience with application certification, SDK/platform design, and reusable components
- Experience with multi-region redundancy, failover, and resilience design
- Experience in payments, fintech, SaaS, or other regulated, high-volume environments
- Familiarity with SOC, PCI DSS, and ISO 27001 as they relate to architecture and controls
You Will Likely Succeed If You:
- Have a winning attitude
- Are naturally curious with an always-learning mentality
- Design for operators, not just for diagrams
- Love to solve difficult problems
- Are assertive, confident, but also humble
- Speak with clarity and listen with intention
- Are disciplined with your processes, documentation, and follow-up
- Can own a problem end to end without constant direction
- Take ownership of both the technical outcome and the business result
What Success Looks Like:
- Architecture is runnable, supportable, and adopted as standards the team follows
- Designs include security boundaries, monitoring, cost controls, failure modes, and runbooks by default
- Cloud solutions are resilient, cost-aware, and aligned to business priorities
- The secure AI platform direction is grounded in implementable, contained designs
- Engineering and DevOps can implement designs without constant clarification
- The Director of Cloud & AI Platform Architecture becomes a trusted owner of one or more critical architecture domains within 90 to 180 days
What We Offer:
Our compensation package includes a competitive salary and bonus plan.
We care about your wellbeing and personal life. We offer vacation, sick, and personal time off policies, a generous 401K match, and strong healthcare benefits.
Your success at PayCargo is determined by the impact that you are making, and how well you collaborate with the various teams that you interact with. Everyone at PayCargo is empowered to take ownership to learn, self-improve, and master their skills in an environment focused on efficiency, collaboration, and purpose.
We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity employer.