Infrastructure as a Code Engineer | Must work on W2
Grand Rapids, Michigan, United States of America
Contract
3 weeks ago
Key skills
BootstrapAWSTerraformGitHub ActionsECSEKSEC2S3DynamoDBRDSIAMCloudWatchGitHubGitOpsCI/CDCommunicationCollaboration
About this role
Job Title: Infrastructure as Code (IaC) Engineer Job
Location - Grand Rapids, MI (Hybrid)
Essential Functions:
- Design, build, and maintain Terraform modules and IaC patterns used by multiple delivery teams.
- Implement and operate Terraform deployments via Spacelift, including stack design, approvals, drift detection, and environment promotion.
- Develop and maintain Rundeck jobs for AWS operational automation, breakglass actions, and platform support workflows.
- Build and support GitHubbased CI/CD pipelines using GitOps principles (PRdriven change control).
- Establish and enforce AWS standards for:
- Account structure and environments
- Tagging, cost allocation, and ownership
- Security, access control, and auditability
- Implement secure automation using IAM roles, OIDC, and leastprivilege access.
- Collaborate with application and platform teams to onboard workloads to standardized IaC tooling.
- Produce and maintain documentation, runbooks, and onboarding guides.
- Troubleshoot IaC, pipeline, and automation failures; participate in root cause analysis as needed.
Qualifications:
Infrastructure as Code (Terraform)
- 5+ years of handson Terraform experience in production AWS environments.
- Advanced experience with:
- Module design, reuse, and versioning
- Remote state using S3 and DynamoDB
- Multiaccount and multienvironment deployments
- Standards enforcement via validation and lifecycle rules
- Experience supporting centralized Terraform modules consumed by many teams.
AWS Cloud Expertise
- Strong, practical experience with:
- AWS Organizations, SCPs, and multiaccount strategies
- Crossaccount IAM role design
- Account bootstrap / landing zone concepts
- Handson experience provisioning AWS services via Terraform, including:
- IAM
- VPC and networking
- EC2 / Auto Scaling
- EKS or ECS (working knowledge)
- S3, RDS
- CloudWatch and logging
- KMS and encryption
Spacelift (Terraform Orchestration)
- Production experience using Spacelift for Terraform:
- Stack and dependency design
- Environment promotion and approvals
- Worker configuration (private or AWShosted preferred)
- Drift detection and scheduled runs
- Experience integrating Spacelift with AWS IAM and GitHub workflows.
Rundeck (Operational Automation)
- Experience designing and operating Rundeck jobs for AWS infrastructure operations.
- Strong understanding of:
- Job security, RBAC, and approvals
- Credential management using IAM roles (no static keys)
- Error handling, retries, and notifications
- Familiarity with jobascode or versioncontrolled job patterns.
GitHub & CI/CD
- Enterprise GitHub experience, including:
- Branch protection rules and CODEOWNERS
- Required reviews and PRbased change control
- GitHub Actions for CI/CD
- OIDCbased authentication to AWS
- Strong understanding of GitOps delivery models.
Security & Compliance
- Experience implementing:
- Leastprivilege IAM and permission boundaries
- Secure secrets handling (no credentials in code)
- Approval workflows and separation of duties
- Ability to embed security and compliance into IaC pipelines rather than manual processes.
- Experience in regulated or risksensitive environments strongly preferred.
Operational & Collaboration Skills
- Strong troubleshooting and operational mindset.
- Experience supporting shared platforms used by many teams.
- Ability to document solutions clearly and enable team adoption.
- Strong communication skills and comfort working with crossfunctional stakeholders.
--
Asher Williams
Desk: 2o1.497.1o1o X:1o5 | Direct: 551.272.o129
asher (at) pullskill dot com