Infrastructure as Code (IaC) Engineer

We are seeking an experienced Infrastructure as Code (IaC) Engineer (Contract) to support a centralized cloud enablement team responsible for building, deploying, and operating standardized AWS infrastructure using Terraform, Spacelift, Rundeck, and GitHub.

This role focuses on creating and maintaining reusable IaC patterns, build and deployment automation, and governance controls that enable secure, scalable self service infrastructure across a multi account AWS environment. The contractor will work closely with platform, security, and application teams to deliver reliable 'paved road' solutions while maintaining strong compliance and operational rigor., Essential Functions:Design, build, and maintain Terraform modules and IaC patterns used by multiple delivery teams.Implement and operate Terraform deployments via Spacelift, including stack design, approvals, drift detection, and environment promotion.Develop and maintain Rundeck jobs for AWS operational automation, break glass actions, and platform support workflows.Build and support GitHub based CI/CD pipelines using GitOps principles (PR driven change control).Establish and enforce AWS standards for: Account structure and environmentsTagging, cost allocation, and ownershipSecurity, access control, and auditabilityImplement secure automation using IAM roles, OIDC, and least privilege access.Collaborate with application and platform teams to onboard workloads to standardized IaC tooling.Produce and maintain documentation, runbooks, and onboarding guides.Troubleshoot IaC, pipeline, and automation failures; participate in root cause analysis as needed.

Must HaveAWS Cloud ExpertiseGitHub & CI/CDOperational & Collaboration SkillsRundeck (Operational Automation)Security & ComplianceSpacelift (Terraform Orchestration)Terraform experience in production AWS environments.

Nice To HaveExperience migrating teams into centralized IaC or platform tooling.FinOps experience (cost tagging, chargeback/showback)Policy-as-code exposure (OPA, Sentinel, or equivalent)Terraform tooling: tflint, checkov, tfsec, infracost

#LI-AN1, Infrastructure as Code (Terraform)5+ years of hands on Terraform experience in production AWS environments.Advanced experience with: Module design, reuse, and versioningRemote state using S3 and DynamoDBMulti account and multi environment deploymentsStandards enforcement via validation and lifecycle rulesExperience supporting centralized Terraform modules consumed by many teams.

AWS Cloud ExpertiseStrong, practical experience with: AWS Organizations, SCPs, and multi account strategiesCross account IAM role designAccount bootstrap / landing zone conceptsHands on experience provisioning AWS services via Terraform, including: IAMVPC and networkingEC2 / Auto ScalingEKS or ECS (working knowledge)S3, RDSCloudWatch and loggingKMS and encryption

Spacelift (Terraform Orchestration)Production experience using Spacelift for Terraform: Stack and dependency designEnvironment promotion and approvalsWorker configuration (private or AWS hosted preferred)Drift detection and scheduled runsExperience integrating Spacelift with AWS IAM and GitHub workflows.

Rundeck (Operational Automation)Experience designing and operating Rundeck jobs for AWS infrastructure operations.Strong understanding of: Job security, RBAC, and approvalsCredential management using IAM roles (no static keys)Error handling, retries, and notificationsFamiliarity with job as code or version controlled job patterns.

GitHub & CI/CDEnterprise GitHub experience, including: Branch protection rules and CODEOWNERSRequired reviews and PR based change controlGitHub Actions for CI/CDOIDC based authentication to AWSStrong understanding of GitOps delivery models.

Security & ComplianceExperience implementing: Least privilege IAM and permission boundariesSecure secrets handling (no credentials in code)Approval workflows and separation of dutiesAbility to embed security and compliance into IaC pipelines rather than manual processes.Experience in regulated or risk sensitive environments strongly preferred.

Operational & Collaboration SkillsStrong troubleshooting and operational mindset.Experience supporting shared platforms used by many teams.Ability to document solutions clearly and enable team adoption.Strong communication skills and comfort working with cross functional stakeholders.

The Stefanini Group is a global provider of offshore, onshore and near shore outsourcing, IT digital consulting, systems integration, application, and strategic staffing services to Fortune 1000 enterprises around the world. Our presence is in countries like the Americas, Europe, Africa, and Asia, and more than four hundred clients across a broad spectrum of markets, including financial services, manufacturing, telecommunications, chemical services, technology, public sector, and utilities. Stefanini is a CMM level 5, IT consulting company with a global presence. We are CMM Level 5 company.