Amazon Web Services (AWS), Artificial Intelligence (AI), Best Practices, Cloud Computing, Code Reviews, Communication Skills, Continuous Deployment/Delivery, Continuous Integration, DevOps, Documentation, GitHub, Health Plan, Identity Federation, Information Technology Consulting, Machine Tool, Resource Management, Security Infrastructure, Test Tools
Our Client, an IT Services and Consultant company, is looking for an AWS DevOps Engineer — Infrastructure & Security for their Charlotte, NC/Remote location.
Responsibilities:
- Design, build, and maintain reusable Terraform modules with clear interfaces, versioning, and documentation so other teams can self-serve infrastructure safely
- Manage and optimize HCP Terraform workspaces using VCS-driven workflows — including workspace design, variable sets, run triggers, and policy enforcement
- Provision and manage cloud resources (primarily AWS) following least-privilege access patterns and security best practices
- Manage secrets and sensitive configuration using HashiCorp Vault and/or AWS Secrets Manager
- Build and maintain CI/CD pipelines (GitHub Actions) with proper gating, scanning, testing, and promotion workflows that integrate with HCP Terraform's VCS-driven run model
- Conduct security reviews of infrastructure code and pipeline configurations
Requirements:- 5+ years of strong hands-on Terraform experience, including writing modules with proper state management, remote backends, and provider configuration
- Hands-on Experience with HCP Terraform (Terraform Cloud), specifically VCS-driven workflows — workspace configuration, speculative plans on PRs, run approvals, and managing workspace variables/variable sets
- Experience with HCP Terraform's private module registry for publishing and consuming internal modules
- Strong understanding of AWS IAM — policies, roles, trust relationships, permission boundaries, and service control policies
- Hands-on Experience with at least one secrets management platform: HashiCorp Vault or AWS Secrets Manager
- Solid understanding of OIDC and federated identity — how trust is established, token exchange, and practical application in CI/CD and cloud access
- Proven experience building and maintaining CI/CD pipelines in GitHub Actions or GitLab CI/CD, including environment promotion, approval gates, and artifact management
- Security-first mindset — you default to deny, scope permissions tightly, and can articulate why
- Hands-on Experience using AI coding assistants (Amazon Q, Kiro, GitHub Copilot, or similar) with a clear understanding of when to trust, verify, and override AI-generated output
- Commitment to human-in-the-loop practices: code review, manual approval gates for production, and treating AI output as a draft — never as the final word
- Nice to Have:
- Experience with Sentinel within HCP Terraform
- Knowledge of infrastructure testing tools
- Contributions to internal developer platforms or self-service infrastructure tooling
Why Should You Apply?