IaC Engineer — AWS CDK / TypeScript

Overview

We are looking for an experienced Infrastructure as Code Engineer to help design, build, and support secure AWS environments using AWS CDK with TypeScript. This role is focused on practical cloud engineering, automation, troubleshooting, and delivery across commercial and GovCloud-style AWS environments. The ideal candidate is a hands-on engineer who can work independently, solve problems without needing constant direction, and understands how to operate in structured engineering environments using GitLab, Jira, and disciplined change control.

Responsibilities

• Design, develop, and maintain infrastructure using AWS CDK with TypeScript.
• Build and support AWS account structures across environments such as Shared Services, Network, Security, Development, QA, Stage, and Production workload accounts.
• Develop reusable CDK constructs, stacks, and deployment patterns that support secure, repeatable cloud deployments.
• Work with GitLab for source control, merge requests, CI/CD pipelines, and code review workflows.
• Coordinate work through Jira, including proper ticket tracking, branch naming, commit messages, and merge request references tied to ticket numbers.
• Troubleshoot cloud infrastructure issues using AWS services such as CloudWatch, CloudTrail, Config, VPC Flow Logs, IAM Access Analyzer, and related observability tools.
• Build and maintain AWS Lambda functions as part of automation, deployment, monitoring, integration, and operational workflows.
• Support serverless architectures, event-driven workflows, and integrations between AWS services.
• Assist with container and cluster-based environments, including ECS, EKS, Kubernetes, or similar platforms.
• Help enforce cloud security, IAM least privilege, logging, monitoring, tagging, and compliance-aligned infrastructure practices.
• Document infrastructure designs, deployment steps, operational procedures, and troubleshooting findings.
• Work independently to identify gaps, propose improvements, and continue making progress without waiting for step-by-step direction.

Requirements

• Strong hands-on experience with AWS CDK using TypeScript.
• Strong AWS experience, including IAM, VPCs, subnets, routing, security groups, CloudWatch, CloudTrail, Lambda, S3, KMS, and related core services.
• Experience working in AWS GovCloud or GovCloud-style environments with multi-account architecture.
• Understanding of account separation patterns such as Shared Services, Network accounts, Security/Logging accounts, and workload accounts.
• Experience writing and maintaining AWS Lambda functions.
• Experience using GitLab for source control and CI/CD workflows.
• Experience working from Jira tickets and following disciplined branch, commit, and merge request naming practices tied to ticket numbers.
• Strong troubleshooting skills in cloud environments.
• Familiarity with serverless patterns and AWS-native automation.
• Familiarity with clusters or container platforms such as EKS, ECS, or Kubernetes.
• Ability to read existing infrastructure code, understand intent, improve it, and safely extend it.

Preferred Qualifications

• Experience with AWS Organizations, Control Tower, Landing Zone Accelerator, or multi-account governance patterns.
• Experience with AWS GovCloud compliance environments, including CMMC, FedRAMP, IL4, IL5, or similar regulated environments.
• Experience with GitLab CI/CD pipelines for infrastructure deployment.
• Experience with networking in AWS, including Transit Gateway, VPC peering, private endpoints, NAT, route tables, DNS, and hybrid connectivity.
• Experience with CloudFormation, Terraform, or other IaC tools in addition to CDK.
• Experience with observability, alerting, and operational dashboards.
• Experience supporting production cloud environments.
• Self-starter who does not need constant direction to stay productive.
• Strong problem solver who can investigate issues independently and bring clear findings back to the team.
• Hard worker with a bias toward action and follow-through.
• Comfortable working in secure, structured, and compliance-driven environments.
• Able to communicate clearly with engineers, managers, and stakeholders.
• Detail-oriented with strong ownership of code quality, documentation, and operational reliability.
• Willing to ask good questions, but also capable of researching and proposing solutions independently.