We are seeking an experienced Infrastructure as Code (IaC) Engineer (Contract) to support a centralized cloud enablement team responsible for building, deploying, and operating standardized AWS infrastructure using Terraform, Spacelift, Rundeck, and GitHub.
This role focuses on creating and maintaining reusable IaC patterns, build and deployment automation, and governance controls that enable secure, scalable self‑service infrastructure across a multi‑account AWS environment. The contractor will work closely with platform, security, and application teams to deliver reliable "paved road" solutions while maintaining strong compliance and operational rigor.
location: Grand Rapids, Michigan
job type: Contract
salary: $55 - 65 per hour
work hours: 8am to 5pm
education: Bachelors
responsibilities:
- Design, build, and maintain Terraform modules and IaC patterns used by multiple delivery teams.
- Implement and operate Terraform deployments via Spacelift, including stack design, approvals, drift detection, and environment promotion.
- Develop and maintain Rundeck jobs for AWS operational automation, break‑glass actions, and platform support workflows.
- Build and support GitHub‑based CI/CD pipelines using GitOps principles (PR‑driven change control).
- Establish and enforce AWS standards for:
- Account structure and environments
- Tagging, cost allocation, and ownership
- Security, access control, and auditability
- Implement secure automation using IAM roles, OIDC, and least‑privilege access.
- Collaborate with application and platform teams to onboard workloads to standardized IaC tooling.
- Produce and maintain documentation, runbooks, and onboarding guides.
- Troubleshoot IaC, pipeline, and automation failures; participate in root cause analysis as needed.
qualifications:
Infrastructure as Code (Terraform)
5+ years of hands‑on Terraform experience in production AWS environments.
Advanced experience with:
Module design, reuse, and versioning
Remote state using S3 and DynamoDB
Multi‑account and multi‑environment deployments
Standards enforcement via validation and lifecycle rules
Experience supporting centralized Terraform modules consumed by many teams.
AWS Cloud Expertise
Strong, practical experience with:
AWS Organizations, SCPs, and multi‑account strategies
Cross‑account IAM role design
Account bootstrap / landing zone concepts
Hands‑on experience provisioning AWS services via Terraform, including:
IAM
VPC and networking
EC2 / Auto Scaling
EKS or ECS (working knowledge)
S3, RDS
CloudWatch and logging
KMS and encryption
Spacelift (Terraform Orchestration)
Production experience using Spacelift for Terraform:
Stack and dependency design
Environment promotion and approvals
Worker configuration (private or AWS‑hosted preferred)
Drift detection and scheduled runs
Experience integrating Spacelift with AWS IAM and GitHub workflows.
Rundeck (Operational Automation)
Experience designing and operating Rundeck jobs for AWS infrastructure operations.
Strong understanding of:
Job security, RBAC, and approvals
Credential management using IAM roles (no static keys)
Error handling, retries, and notifications
Familiarity with job‑as‑code or version‑controlled job patterns.
GitHub & CI/CD
Enterprise GitHub experience, including:
Branch protection rules and CODEOWNERS
Required reviews and PR‑based change control
GitHub Actions for CI/CD
OIDC‑based authentication to AWS
Strong understanding of GitOps delivery models.
Security & Compliance
Experience implementing:
Least‑privilege IAM and permission boundaries
Secure secrets handling (no credentials in code)
Approval workflows and separation of duties
Ability to embed security and compliance into IaC pipelines rather than manual processes.
Experience in regulated or risk‑sensitive environments strongly preferred.
Operational & Collaboration Skills
Strong troubleshooting and operational mindset.
Experience supporting shared platforms used by many teams.
Ability to document solutions clearly and enable team adoption.
Strong communication skills and comfort working with cross‑functional stakeholders.
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.
At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact HRsupport@randstadusa.com.
Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including: medical, prescription, dental, vision, AD&D, and life insurance offerings, short-term disability, and a 401K plan (all benefits are based on eligibility).
This posting is open for thirty (30) days.
