What Is a Cloud Engineer? What I Do and How I Got Here

by Molly Stewart | Jan 04, 2019

Molly Stewart holding a coffee mug that says, 'I run on caffeine, cats and cuss words.' Molly Stewart is a cloud engineer from St. Louis, Missouri. Last year she reviewed CompTIA PenTest+, explaining why she took it and the value she sees. Today she’s back to talk about ​what a cloud engineer does, how she got to where she is and the difference between working on-premises vs. cloud.

What ​is a cloud engineer?

As a cloud engineer, I maintain a customer cloud infrastructure. I ensure that the data processing solutions are functional and that accesses and data are correctly processed. I also ensure we are following best practices, keeping costs down and keeping our solutions secure.

In the Amazon cloud environment, I maintain the EC2 instances (virtual machines), monitor incoming transaction queues, maintain s3 (storage) and create identity access management (IAM) roles and policies.

A typical day includes making the environment safer, finding ways to automate processes, finding optimizations for cost and performance, and responding to customer inquiries.

How did you become a cloud engineer?

I have bachelor’s degree, and I worked a little bit of everything in IT before moving to the cloud: from desktop support to Windows admin, Linux admin and VMWare admin to data center and cybersecurity.

I also have a lot of IT certifications:

The certifications have helped open doors to me in different areas of technology, by meeting a requirement on a job application or by proving I have some baseline experience within certain fields. They also help me identify what I need to know, especially in emerging fields like cloud computing.

To gain hands-on skills, I like to tinker with new, interesting things, so I used a free trial account to get familiar with the cloud. Usually it helps to just jump in and try things out, learn from the mistakes.

What are some of the differences between working on-premises vs. cloud?

Making the transition from working an on-premises data center to the cloud was really fascinating for me. Working in the cloud environment is different from a regular data center because you can manage most of what you need to do from the console.

If I need to change dynamic host configuration protocol (DHCP) settings or modify subnets or access control lists (ACLs), it can all be done within the web interface or through the command line. In my previous positions, I’d have to pull up the management console for the specific services. I never did much with ACLs on network devices or routing before, but within a cloud environment, you get to learn all the facets in one spot. 

Another large difference between on-premises data centers versus the cloud is that the cloud emphasizes infrastructure as code. Within the Amazon cloud, you can deploy cloud formation templates and essentially deploy your environment with YAML files. This makes it super easy to re-deploy things like a test environment, which usually skews from production, and can keep the configurations very close.

There are also slightly different security concerns in a cloud versus a standard data center. A lot of controls can be inherited from the cloud provider, and there are a handful of differences that make the older compliance rules not applicable.

The cloud provider also gets their services certified for use for specific compliance purposes. For example, Amazon has a list of services and what compliance they fall under: Federal Risk and Authorization Management Program (FedRAMP), Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry (PCI), Service Organization Control (SOC) and more.

Another large difference within the cloud is having resources on demand. You can set up your servers to spin up more instances if there is a lot of consumption, like at peak times, and then just shut them off and not pay for them when they are not needed. Optimizing the use of those resources for cost is very specific to your cloud provider.

Where I worked before, we would have technical refreshes with on-premises data centers, finding the best cost of new hardware that will be most reliable until new funds were allocated. Here in the cloud, we are determining if our instances can run smaller, configuring autoscaling groups for more efficiencies or discerning which style of deployment or cloud-provided utility will best fit our system needs at the lowest cost. As most cloud providers keep incorporating new features and changing prices, this can be very interesting and keep you on your toes!

How do your past experiences play into the role you have now?

The cloud is a nice big mix of everything. I use networking, server administration, scripting and vulnerability and pen testing skills to help architect and support our system layouts. Almost everything I’ve learned or done at previous jobs help me manage our cloud environment in some way because the foundations have a lot of similarities.

What’s next on your learning agenda?

Currently, I’m getting ready to test for my GIAC Reverse Engineering Malware (GREM) certification and continuing studies on my master’s in computer science.

What advice would you have for someone who wants to work in cloud computing?

I would say not to be intimidated. A lot of the concepts are the same, just with a different interface. Seasoned on-premises engineers and administrators will not find it too difficult to pick up. Also, most cloud providers offer a free trial account so that you can use that to help study for certifications or get a handle on what it’s like.

Do you want to be a cloud engineer? Download the exam objectives for CompTIA Cloud+ to see what you need to know.

11 Comments

  • John

    Sunday, January 13, 2019

    Thanks Debra! I'm just starting my career in IT, but I already have my "head in the clouds" or at least wanting to! ☺ Cloud computing is here and hopefully I can become an expert like you in it.

  • kunle fasalojo

    Friday, January 18, 2019

    Very inspiring easy to grasp write up.

  • David Cooley

    Monday, January 21, 2019

    Thanks Molly, I love your cup BTW! I have worn the many hats through the years, cutting my sysadmin skills on DEC VAX 750 and MicroVax systems (Yes, I'm old LOL), all the way up to Solaris 8, RHEL, some Oracle DB admin and LDAP admin for a military "think tank". After 30 years in IT with no degree, The market finally pushed me out. The piece of paper in a frame has become a requirement to be employed in the field anymore. So, better late than never, at 55 I enrolled in WGU's System and Cloud administration B.S. degree program. In the meantime, I work for a large casino repairing Slot Machines. I have implemented an open source parts inventory system that I have fine tuned for our requirements. The issues I have there, is our IT departments "Specialist" knows nothing but windows and refuses to even try to learn anything to do with Linux. I have had to work with the IT Director and have been allowed to build out the VM and network configurations I needed to implement my system. I am currently also awaiting the IT department to have an opening so I can slide on over. Thank you for your insight!

  • Dave

    Tuesday, January 22, 2019

    I enjoyed reading this article. Molly explained the roles of a Cloud Engineer very well. I've worked in a Datacenter installing, upgrading both hardware and software, and supporting 3000 HP Proliant Servers. So, I was able to relate mostly to what Molly was saying. Additionally, I learned the roles specific to a Cloud Engineer. I wasn't entirely clear on this until reading this article. This article is very informative, insightful, and nicely detailed. I am glad I read it. Good Job Molly on earning all those IT Certifications. Very nice!

  • Michael Byrne

    Friday, January 25, 2019

    Is it hard to do I did the compitia a+220-901 and I doing the network to pass and be in IT

  • Cyril

    Friday, January 25, 2019

    Good day, Please i want to know what the requirements are Networking N+ and security S+ exams, is it also mandatory to take A+ before taking N+ and S+? I have MCITP (server 2008 administration) though its expired Thanks and I wait your quick responds

  • Friday, January 25, 2019

    Hi, Cyril! CompTIA certifications don't have mandatory requirements, but we do recommend that you have a certain level of experience. You can find the recommended level of experience for each certification on the certification's web page. Go to the top of this page, hover over certifications and click on the one you want to know more about. Good luck!

  • Mary Moore

    Friday, January 25, 2019

    Very informative. I will share the article with the students in my Cloud Computing Class at West Virginia University Potomac State College

  • Sohaib

    Monday, April 15, 2019

    Hi Molly, very informative post. I am contemplating switching my career to Cloud Engineer (aws certified associate as my agenda). I have a BS in Computer Science. I have not worked as a developer. Instead I chose Software Quality Assurance. After 10 years in this role, I started the role of Business analyst. I don't have any IT background except for basic unix/solaris and windows sys. admin. I have knowledge of basic programming. I want to ask you or anyone else who read this, is this even advisable for me to take this certification exam when I lack so many years of IT experience. I also have no liking for networking subnetting (i have a fear of the topic). Will I be managing this a lot? Will I be directly editing/creating the subnets or will it be done through an "API"?

  • Tuesday, April 16, 2019

    Hi, Sohaib! Thanks for your comment. I'll let Molly speak to the role of cloud engineer, but in terms of certifications, it's really up to you to decide which one is right for you based on the role you want and the experience you have. All CompTIA certifications list recommended experience levels, but we have no requirements, per se. For CompTIA Cloud+, we recommend 2-3 years in a systems administration role. You can download the exam objectives for any of our certifications for free to see what's covered so you can decide what's right for you and begin studying. Good luck!

  • Molly

    Tuesday, April 16, 2019

    Wow! Thanks for the feedback everyone! Sohaib, I did not have to do any subnet masking for my AWS solutions architect associate, and I don't believe the AWS cloud practitioner has any either. I think once you review the objectives, you can study and use free subscriptions to cloud providers to get some hands on, you will be able to get the hang of it and be fine with cloud certs. If you feel unsure, you can always take the most beginner certs to start out with. From my perspective, I've had to break apart and create subnets out of the range my vpc was given (turn a x.x.x.x/21 into smaller x.x.x.x/24, x.x.x.x/26, etc). I've also set up network ACLs and security groups. Knowing those subnet blocks are important for some of that work. In AWS, Security groups mandate you use a CIDR address (x.x.x.x/32 for a single host). I always use an online subnet calculator for double checking myself when I have to do subnetting because I'm not a network person by trade. If you are building the subnets or security groups in the web interface, the interface will usually tell you if you've entered an invalid range (I've learned from experience LOL). You can also setup subnets in the command line, via API, or in infrastructure as code style template (AWS uses a cloud formation template), or via third party infrastructure as code style configurations (I believe salt, ansible, chef, and terraform can all preform this work). A lot of times, if I've never done something in the console (web interface), I'll try it there first, and then build my infrastructure template once I understand exactly what I am trying to do. Usually once you setup your enviornment you won't be making too many modifications to the subnets. You will most likely be updating security groups a lot, depending on whether or not you allow developers to use arbitrary ports, or mandate they stick to an approved few. You might also see them with troubleshooting connectivity - checking security groups, ACLs, and route tables will use a little bit of subnetting skills. Some companies will split up the roles within their cloud, and have specific network teams or specific IAM policies, etc. All in all, I think if it's something you're interested in, don't let subnetting get in your way! There won't be much of that on the earlier certs. Once you get into doing more cloud like work, you'll most likely have someone on your team who will be willing to help you learn anything you need. Once you work in the cloud you'll see a lot of the programming concepts you may have experience with, split apart and come to life- like lambda, queues, and notifications. Sohaib, you have a lot of useful skills: insight to BOTH Linux and Windows is extremely helpful, and your business perspective will come in handy. Understanding cost utilization and business impact is a VERY important function, that sometimes gets overlooked by the folks who are caught up in entirely technical stuff.

Leave a Comment

Boost your Career with a Certification

Find out more about our Certifications

How to get Certified

4 Steps to Certification

Already certified? Let us and others know!

Share Your Story