Infrastructure Automation Engineer

Position Summary

oneZero is seeking an Infrastructure Automation Engineer with a strong cloud focus to design, build, and scale automation across our hybrid infrastructure estate. This role is responsible for turning operational processes into reliable, repeatable, code-driven workflows across on-prem and cloud environments.

The ideal candidate combines hands-on infrastructure engineering experience with strong software and automation skills. This person will own and improve infrastructure-as-code patterns, help standardize provisioning and configuration workflows, reduce manual effort and configuration drift, and improve the speed, consistency, and auditability of infrastructure changes.

Our environment includes virtualized and bare metal Windows/Linux infrastructure, along with cloud platforms including AWS and Alibaba Cloud . This role will lead the evolution of our cloud automation strategy while continuing to modernize hybrid infrastructure operations . The role will also help mature automation for physical server build and lifecycle processes using tooling and practices such as unattended deployment, imaging, configuration management, patching, remote administration, and hardware lifecycle orchestration.

Key Responsibilities

• Design, implement, and maintain scalable cloud Infrastructure as Code (IaC) frameworks using Terraform, Spacelift, and Ansible across AWS and Alibaba Cloud.
• Develop reusable Terraform modules, Ansible roles, workflow templates, and automation pipelines that enable standardized, self-service hybrid infrastructure provisioning and platform scalability.
• Support and automate cloud-native services and application hosting platforms, including ECS, ECR, S3, ALB, and equivalent Alibaba Cloud services.
• Build and improve end-to-end provisioning workflows for both virtualized and bare metal infrastructure, including infrastructure provisioning, operating system deployment, post-build configuration, patching, and ongoing lifecycle management.
• Automate bare metal server deployment and rebuild processes using tools and methods such as unattended installations, imaging platforms, PXE-based workflows, configuration management, and remote administration tooling.
• Develop and maintain automation for Windows server configuration and compliance using tools such as Ansible, PowerShell, DSC, WinRM, and related platform-management capabilities.
• Support infrastructure provisioning workflows across VMware/vSphere where applicable, including API-driven resource creation and post-provisioning configuration.
• Partner with Infrastructure, Security, TradeOps, and application teams to translate operational requirements into well-governed automation patterns.
• Improve the reliability of infrastructure delivery by implementing validation, testing, code review, rollback, and change-control mechanisms.
• Develop controls to detect and remediate configuration drift across environments and ensure infrastructure remains aligned to approved code and standards.
• Troubleshoot failures across Terraform, Ansible, Windows/Linux automation, bare metal provisioning workflows, Spacelift, VMware, and cloud automation workflows, and continuously improve operational resilience.
• Document automation patterns, operational runbooks, and implementation standards so solutions are supportable and transferable across the team.
• Identify high-value manual processes suitable for automation and prioritize work based on operational impact, risk reduction, and scalability.

Success Measures

• Reduction in manual hybrid infrastructure provisioning and change activity.
• Faster, more reliable delivery of server and cloud infrastructure changes.
• Increased infrastructure coverage under source control and automated workflows.
• Reduced configuration drift and improved auditability of infrastructure state.
• Improved quality, maintainability, and reuse of infrastructure code across clients and environments.

Required Qualifications

• 5+ years of experience in infrastructure engineering, systems engineering, DevOps, platform engineering, or infrastructure automation roles.
• Proven experience designing and operating Infrastructure as Code in complex hybrid environments.
• Strong hands-on experience with Terraform, Ansible, and automation orchestration platforms such as Spacelift.
• Strong experience automating Windows/Linux server provisioning, configuration, and lifecycle management across both virtualized and physical environments.
• Hands-on experience with bare metal automation, including one or more of the following: unattended OS deployment, PXE or network boot workflows, imaging systems, configuration management, remote administration tooling, patch orchestration, or hardware provisioning processes.
• Experience with tools and technologies such as PowerShell, WinRM, MDT/WDS or equivalent deployment tooling, and related Windows automation frameworks.
• Experience with virtualization platforms such as VMware/vSphere, including API-driven provisioning and infrastructure automation.
• Strong hands-on experience with public cloud infrastructure, especially AWS, including services such as ECS, ECR, S3, and ALB, and related cloud building blocks for application hosting, storage, and traffic management.
• Experience with Alibaba Cloud, or equivalent experience translating AWS-based infrastructure patterns into comparable Alibaba Cloud services.
• Proficiency in one or more scripting/programming languages such as Python, PowerShell, or Bash.
• Solid understanding of Git-based workflows, branching strategies, pull requests, and CI/CD concepts.
• Strong understanding of operational risk, security controls, secrets handling, and change governance in infrastructure automation.
• Strong problem-solving skills, sound engineering judgment, and the ability to work independently in a fast-moving environment.
• Excellent communication skills with the ability to work effectively with both technical and non-technical stakeholders.

Preferred Qualifications

• Experience supporting containerized application platforms and related cloud services, including container registries, object storage, load balancers, and deployment patterns in AWS and Alibaba Cloud.
• Experience building or supporting standardized bare metal server factories or repeatable provisioning pipelines for physical infrastructure.
• Experience with policy enforcement, drift detection, and automated compliance in IaC pipelines.
• Experience with GitHub-based infrastructure workflows.
• Experience with observability and operational tooling such as DataDog, Tenable, Automox, or related infrastructure support platforms .
• Experience with containerization or Kubernetes.
• Experience working in regulated, high-availability, or client-segmented environments.
• Relevant certifications such as AWS Certified DevOps Engineer, Terraform Associate, Ansible-related certifications, or equivalent.

What Great Looks Like

The right person for this role is not just a script writer. They are an infrastructure engineer who can assess a manual process, define a durable technical pattern, implement it safely in code, and leave behind something that is testable, supportable, and scalable. They are comfortable operating across cloud platforms, infrastructure pipelines, virtualization, operating systems, networking, security controls, and server lifecycle automation. They care about long-term maintainability as much as initial delivery.

The salary range for this role is $130,000- 165,000, depending on relevant experience.