Lead Infrastructure Automation Engineer

Job description

Key Responsibilities

· Lead adoption of Ansible Tower, migrating jobs and pipelines from legacy infrastructure while defining inventory models, RBAC, job templates, and automation mesh for scale and security.

· Lead solution definition and implementation, including product evaluation and selection of applications, frameworks, and tooling with a bias for open standards, security, and maintainability.

· Own, implement, and promote good practice of the Ansible infrastructure, workflow, and development life cycle, including role structure, collections, linting, Molecule testing, and CI-driven validation.

· Maintain the technology roadmap for the application delivery environment, aligning platform capabilities with product, security, and regulatory requirements.

· Develop custom solutions using scripting or programming (Python, Bash, PowerShell, or Go) to extend automation, integrate APIs, and eliminate manual work.

· Create documentation and training materials to enable implementation and support hand-off to other teams; deliver enablement sessions and office hours.

· Enhance the measurement and monitoring framework for application health and resource utilization using metrics, logs, and tracing to reduce MTTR and improve SLO attainment.

· Collaborate with platform, SRE, security, networking, and application teams to identify and prioritize automation opportunities that improve reliability and speed.

· Investigate and provide resolution of support issues and day-to-day support tasks, adhering to SLAs and participating in an on-call rotation as needed.

· Design, implement, and maintain Terraform modules and environments, including remote state backends, workspaces, versioning, tagging standards, and drift detection.

· Deploy and manage cloud infrastructure on AWS, Azure, and/or GCP using IaC patterns, including networking, IAM, compute, storage, databases, and managed services.

· Build golden images and base machine/container artifacts using Packer, integrated into CI pipelines for deterministic, secure builds.

· Implement container orchestration and release automation using Kubernetes, Helm, and Git-based workflows; standardize manifests and release processes.

· Establish policy-as-code and compliance gates (OPA/Conftest, HashiCorp Sentinel, or Checkov) across IaC pipelines to enforce security and regulatory requirements.

· Integrate secrets management and dynamic credentials with HashiCorp Vault or cloud-native equivalents; remove embedded credentials from code and pipelines.

· Create and maintain CI/CD pipelines (GitLab CI and Jenkins) for application and IaC, including quality checks, security scans, and environment promotion.

· Define and enforce configuration management standards in Ansible (linting, idempotency, inventory strategy, dynamic inventory for clouds).

· Implement observability for automation platforms and workloads using Prometheus, Grafana or Splunk; publish actionable SLO dashboards.

· Drive cost-aware infrastructure design and tagging, collaborating with FinOps to monitor and optimize resource utilization and cloud spend.

· Champion change management and release governance aligned with ITIL and internal controls; maintain audit trails, approvals, and rollback strategies.

Required Qualifications

· 7+ years in infrastructure, DevOps, SRE, or platform engineering roles with hands-on automation experience.

· 3+ years designing, operating, and scaling Ansible (Ansible Tower/AAP or AWX) in production.

· 3+ years building Terraform-based infrastructure at scale, including modules, state management, and pipelines.

· Strong proficiency with at least one major cloud provider (AWS or Azure), including networking, IAM, and security controls.

· Proficient in scripting/programming (Python and Bash; PowerShell or Go a plus) and YAML/Jinja2.

· Deep understanding of CI/CD concepts and tools; proven experience implementing robust pipelines and artifact promotion flows.

· Solid grounding in Linux systems, networking fundamentals, TLS, and RBAC/least-privilege security patterns.

· Experience with Windows operating systems, chocolately package manager and active directory management.

· Experience with monitoring/observability stacks and setting SLOs, alerts, and runbooks.

· Excellent communication skills with a track record of authoring clear documentation and training materials.

Preferred Qualifications

· Red Hat Ansible Automation Platform experience at enterprise scale, including RBAC, EDA, and automation mesh.

· HashiCorp Terraform Associate or equivalent, and cloud certifications (AWS/Azure/GCP).

· Kubernetes certifications (CKA/CKAD) and production operations experience.

· Hands-on with policy-as-code (OPA/Conftest, Sentinel) and IaC security tooling (Checkov, tfsec).

· Experience implementing GitOps practices and tools (Argo CD or Flux).

Work Model

· Hybrid role based in Bengaluru (Bangalore), Karnataka, India.

· Core collaboration hours aligned to IST, with occasional overlap with UK/EU or US teams as needed.

· Participation in an on-call rotation for platform services with compensating time-off per policy.

Required Skill Profession

Computer Occupations