Infrastructure as Code (IaC) Engineer

Our client, is a Hospitals And Health Care company, is looking for a Infrastructure as Code (IaC) Engineer for their Grand Rapids, MI/Hybrid location.
 
Responsibilities:

• This role focuses on creating and maintaining reusable IaC patterns, build and deployment automation, and governance controls that enable secure, scalable self service infrastructure across a multi account AWS environment. The contractor will work closely with platform, security, and application teams to deliver reliable “paved road” solutions while maintaining strong compliance and operational rigor.
• Design, build, and maintain Terraform modules and IaC patterns used by multiple delivery teams.
• Implement and operate Terraform deployments via Spacelift, including stack design, approvals, drift detection, and environment promotion.
• Develop and maintain Rundeck jobs for AWS operational automation, break glass actions, and platform support workflows.
• Build and support GitHub based CI/CD pipelines using GitOps principles (PR driven change control).

• Account structure and environments
• Tagging, cost allocation, and ownership
• Security, access control, and auditability
• Implement secure automation using IAM roles, OIDC, and least privilege access.
• Collaborate with application and platform teams to onboard workloads to standardized IaC tooling.
• Produce and maintain documentation, runbooks, and onboarding guides.
• Troubleshoot IaC, pipeline, and automation failures; participate in root cause analysis as needed.

• AWS Cloud Expertise
• GitHub & CI/CD
• Operational & Collaboration Skills
• Rundeck (Operational Automation)
• Security & Compliance
• Spacelift (Terraform Orchestration)
• Terraform experience in production AWS environments.

• Experience migrating teams into centralized IaC or platform tooling.
• FinOps experience (cost tagging, chargeback/showback)
• Policy-as-code exposure (OPA, Sentinel, or equivalent)
• Terraform tooling: tflint, checkov, tfsec, infracost
• We are seeking an experienced Infrastructure as Code (IaC) Engineer (Contract) to support a centralized cloud enablement team responsible for building, deploying, and operating standardized AWS infrastructure using Terraform, Spacelift, Rundeck, and GitHub.

• 5+ years of hands on Terraform experience in production AWS environments.

• Module design, reuse, and versioning
• Remote state using S3 and DynamoDB
• Multi account and multi environment deployments
• Standards enforcement via validation and lifecycle rules
• Experience supporting centralized Terraform modules consumed by many teams.

• Strong, practical experience with:
• AWS Organizations, SCPs, and multi account strategies
• Cross account IAM role design
• Account bootstrap / landing zone concepts
• Hands on experience provisioning AWS services via Terraform, including:
• IAM
• VPC and networking
• EC2 / Auto Scaling
• EKS or ECS (working knowledge)
• S3, RDS
• CloudWatch and logging
• KMS and encryption

• Production experience using Spacelift for Terraform:
• Stack and dependency design
• Environment promotion and approvals
• Worker configuration (private or AWS hosted preferred)
• Drift detection and scheduled runs
• Experience integrating Spacelift with AWS IAM and GitHub workflows.

• Experience designing and operating Rundeck jobs for AWS infrastructure operations.
• Strong understanding of:
• Job security, RBAC, and approvals
• Credential management using IAM roles (no static keys)
• Error handling, retries, and notifications
• Familiarity with job as code or version controlled job patterns.

• Enterprise GitHub experience, including:
• Branch protection rules and CODEOWNERS
• Required reviews and PR based change control
• GitHub Actions for CI/CD
• OIDC based authentication to AWS
• Strong understanding of GitOps delivery models.

• Experience implementing:
• Least privilege IAM and permission boundaries
• Secure secrets handling (no credentials in code)
• Approval workflows and separation of duties
• Ability to embed security and compliance into IaC pipelines rather than manual processes.
• Experience in regulated or risk sensitive environments strongly preferred.

• Strong troubleshooting and operational mindset.
• Experience supporting shared platforms used by many teams.
• Ability to document solutions clearly and enable team adoption.
• Strong communication skills and comfort working with cross functional stakeholders

• Health Benefits
• Referral Program
• Excellent growth and advancement opportunities

 
ICONMA is an Equal Opportunity Employer. All qualified applicants will receive considerationfor employment without regard to any status protected by applicable law.