IaC Engineer
Toyota Tsusho Systems US, Inc. · Plano, TX · 2 wk ago
RemoteRemoteEngineeringFull-time
Key Responsibilities
- Design, implement, and maintain secure Infrastructure as Code solutions for cloud and containerized environments supporting AI security workloads
- Own and manage EKS clusters, including node group configurations, networking policies, RBAC, and pod security standards to support secure AI model development and deployment
- Develop and maintain hardened Terraform modules, configurations, and reusable infrastructure patterns with built-in security controls (e.g., least-privilege IAM, encryption-at-rest, network segmentation)
- Build and manage Docker images and Helm charts with security-first principles—image scanning, minimal base images, secrets management, and signed artifacts
- Integrate security guardrails into CI/CD pipelines, including automated policy checks (e.g., OPA/Gatekeeper, Checkov, tfsec) for infrastructure deployments
- Automate environment provisioning, scaling, configuration, and release processes with a focus on immutable infrastructure and drift detection
- Collaborate with AI security engineers, platform teams, and DevSecOps to ensure infrastructure supports threat modeling, vulnerability management, and incident response requirements
- Enforce infrastructure compliance with organizational security policies, regulatory frameworks (e.g., NIST, CIS Benchmarks), and operational best practices
- Document secure infrastructure patterns, deployment runbooks, and automation workflows for the AI security development team
Requirements
- Bachelor's degree preferred and/or equivalent relevant experience considered
- Strong hands-on experience designing and implementing secure Infrastructure as Code solutions in cloud and containerized environments
- Deep production experience managing Kubernetes, including EKS cluster administration, networking, RBAC, and workload security
- Strong experience with Terraform, including development of reusable modules and secure infrastructure provisioning patterns
- Hands-on experience building and managing Docker images and Helm charts for containerized deployments
- Experience integrating infrastructure automation into CI/CD pipelines with automated validation and deployment workflows
- Strong understanding of infrastructure security best practices, including IAM, encryption, secrets management, and network segmentation
- Experience troubleshooting and remediating issues across Kubernetes, Terraform, containers, and deployment pipelines
- Ability to collaborate effectively with engineering, platform, and DevSecOps teams in a fast-paced environment
Preferred Qualifications
- Experience supporting AI, ML, or security-focused platform workloads in Kubernetes-based environments
- Experience with AWS and cloud-native services related to container orchestration, networking, and infrastructure automation
- Familiarity with infrastructure security and policy enforcement tools such as OPA/Gatekeeper, Checkov, tfsec, or similar solutions
- Knowledge of compliance and security frameworks such as NIST, CIS Benchmarks, or related infrastructure governance standards