Infrastructure Automation Engineer (Terraform-heavy)
United States of America
Full Time
1 week ago
$100,000 - $150,000 USD
No H1B
Key skills
PythonGoBashAWSAzureGCPTerraformGitHub ActionsGitLab CITerragruntIAMGitGitHubGitLabCI/CD
About this role
Bright Vision Technologies is a forward-thinking software development company dedicated to building innovative solutions that help businesses automate and optimize their operations. They are seeking an Infrastructure Automation Engineer with deep Terraform expertise to design, build, and maintain infrastructure-as-code foundations that power cloud and hybrid environments. The role involves creating reusable Terraform modules, enforcing policy-as-code, and standardizing infrastructure delivery across multiple teams.
Responsibilities:
- Design, develop, and maintain modular, composable Terraform code that codifies the entire infrastructure estate across cloud accounts and environments
- Build a library of well-tested, reusable Terraform modules with clear interfaces, semantic versioning, and comprehensive documentation
- Implement Terraform automation pipelines using GitHub Actions, GitLab CI, Atlantis, Terraform Cloud, or Spacelift, with plan/apply gating, drift detection, and policy enforcement
- Define and enforce policy-as-code using Sentinel, Open Policy Agent (OPA), Conftest, or Checkov to prevent insecure or non-compliant infrastructure changes
- Manage Terraform state at scale with appropriate backend strategies, state locking, workspace organization, and disaster recovery patterns
- Drive multi-account, multi-region, and multi-cloud infrastructure provisioning strategies with clear isolation, naming, and tagging standards
- Implement infrastructure testing including unit tests with terraform-compliance, integration tests with Terratest, and policy tests across pull requests
- Collaborate with security, networking, and platform teams to embed guardrails directly into reusable modules and pipelines
- Standardize patterns for secrets management, identity federation, and least-privilege IAM through reusable Terraform abstractions
- Lead migrations from legacy, ClickOps, or non-IaC infrastructure into managed Terraform footprints with minimal disruption
- Drive cost optimization, tagging hygiene, and lifecycle management across the Terraform-managed estate
- Mentor engineering teams on Terraform best practices, anti-patterns, and pull-request review standards
- Maintain comprehensive runbooks, architecture diagrams, and onboarding materials for the infrastructure platform
- Stay current with Terraform, OpenTofu, and broader IaC ecosystem developments and recommend adoption where beneficial
Requirements:
- Bachelor's degree in Computer Science, Engineering, or a related field
- Five or more years of experience in cloud infrastructure or DevOps engineering, with significant Terraform focus
- Deep, hands-on expertise authoring and maintaining production Terraform across at least one major cloud provider
- Strong experience designing reusable Terraform modules with clean APIs and version discipline
- Hands-on experience with Terraform state management, backends, and large-scale workspace organization
- Strong scripting skills in Python, Go, or Bash
- Experience with CI/CD pipelines for infrastructure code and automated policy enforcement
- Solid understanding of cloud networking, identity, and security primitives
- Strong Git-based workflows including code review, branching, and release management
- Excellent troubleshooting and root-cause analysis skills
- Experience with multi-cloud Terraform (AWS + Azure or AWS + GCP)
- Familiarity with Terragrunt, Atlantis, Spacelift, or env0
- Experience with policy-as-code engines (Sentinel, OPA, Checkov)
- Contributions to public Terraform modules or providers
- Exposure to FinOps practices and tagging-driven cost governance